security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

added option file handling

This commit is contained in:
Werner Koch 1997-12-12 12:03:58 +00:00
parent 935965049d
commit 68ea0f4353
38 changed files with 2772 additions and 551 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
TODO
View File

@ -30,4 +30,6 @@
signature packets should be implemented to avoid this.
* compress does not work always!
* complete cipher/cast.c
* complete cipher/dsa.c

5
cipher/Makefile.am
View File

@ -5,7 +5,6 @@ INCLUDES = -I$(top_srcdir)/include
noinst_LIBRARIES = cipher
# please add "rsa.c" and "rsa.h" manually in Makefile.am
cipher_SOURCES = blowfish.c \
blowfish.h \
elgamal.c \
@ -18,6 +17,10 @@ cipher_SOURCES = blowfish.c \
random.c \
rmd.h \
rmd160.c \
sha1.h \
sha1.c \
dsa.h \
dsa.c \
md.c \
smallprime.c

16
cipher/Makefile.in
View File

@ -42,7 +42,6 @@ INCLUDES = -I$(top_srcdir)/include
noinst_LIBRARIES = cipher
# please add "rsa.c" and "rsa.h" manually in Makefile.am
cipher_SOURCES = blowfish.c \
blowfish.h \
elgamal.c \
@ -55,6 +54,10 @@ cipher_SOURCES = blowfish.c \
random.c \
rmd.h \
rmd160.c \
sha1.h \
sha1.c \
dsa.h \
dsa.c \
md.c \
smallprime.c
@ -78,7 +81,7 @@ LIBS = @LIBS@
COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS)
LINK = $(CC) $(LDFLAGS) -o $@
cipher_OBJECTS = blowfish.o elgamal.o gost.o md5.o primegen.o random.o \
rmd160.o md.o smallprime.o
rmd160.o sha1.o dsa.o md.o smallprime.o
EXTRA_cipher_SOURCES =
LIBFILES = libcipher.a
AR = ar
@ -95,10 +98,11 @@ DEP_DISTFILES = $(DIST_COMMON) $(SOURCES) $(BUILT_SOURCES) $(HEADERS) \
$(TEXINFOS) $(INFO_DEPS) $(MANS) $(EXTRA_DIST) $(DATA)
TAR = tar
DEP_FILES = $(srcdir)/.deps/blowfish.P $(srcdir)/.deps/elgamal.P \
$(srcdir)/.deps/gost.P $(srcdir)/.deps/md.P $(srcdir)/.deps/md5.P \
$(srcdir)/.deps/primegen.P $(srcdir)/.deps/random.P \
$(srcdir)/.deps/rmd160.P $(srcdir)/.deps/smallprime.P
DEP_FILES = $(srcdir)/.deps/blowfish.P $(srcdir)/.deps/dsa.P \
$(srcdir)/.deps/elgamal.P $(srcdir)/.deps/gost.P $(srcdir)/.deps/md.P \
$(srcdir)/.deps/md5.P $(srcdir)/.deps/primegen.P \
$(srcdir)/.deps/random.P $(srcdir)/.deps/rmd160.P \
$(srcdir)/.deps/sha1.P $(srcdir)/.deps/smallprime.P
SOURCES = $(cipher_SOURCES)
OBJECTS = $(cipher_OBJECTS)

615
cipher/cast5.c Normal file
View File

@ -0,0 +1,615 @@
/* cast5.c - CAST5 cipher (RFC2144)
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "types.h"
#include "cast5.h"
static const u32 s1[256] = {
0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949,
0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e,
0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d,
0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0,
0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7,
0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935,
0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d,
0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50,
0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe,
0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3,
0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167,
0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291,
0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779,
0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2,
0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511,
0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d,
0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5,
0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324,
0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c,
0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc,
0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d,
0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96,
0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a,
0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d,
0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd,
0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6,
0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9,
0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872,
0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c,
0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e,
0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9,
0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf
};
static const u32 s2[256] = {
0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651,
0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3,
0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb,
0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806,
0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b,
0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359,
0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b,
0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c,
0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34,
0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb,
0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd,
0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860,
0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b,
0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304,
0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b,
0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf,
0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c,
0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13,
0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f,
0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6,
0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6,
0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58,
0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906,
0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d,
0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6,
0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4,
0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6,
0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f,
0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249,
0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa,
0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9,
0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1
};
static const u32 s3[256] = {
0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90,
0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5,
0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e,
0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240,
0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5,
0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b,
0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71,
0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04,
0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82,
0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15,
0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2,
0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176,
0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148,
0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc,
0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341,
0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e,
0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51,
0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f,
0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a,
0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b,
0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b,
0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5,
0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45,
0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536,
0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc,
0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0,
0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69,
0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2,
0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49,
0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d,
0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a,
0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783
};
static const u32 s4[256] = {
0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1,
0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf,
0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15,
0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121,
0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25,
0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5,
0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb,
0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5,
0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d,
0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6,
0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23,
0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003,
0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6,
0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119,
0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24,
0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a,
0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79,
0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df,
0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26,
0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab,
0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7,
0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417,
0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2,
0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2,
0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a,
0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919,
0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef,
0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876,
0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab,
0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04,
0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282,
0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2
};
static const u32 s5[256] = {
0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f,
0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a,
0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff,
0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02,
0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a,
0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7,
0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9,
0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981,
0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774,
0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655,
0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2,
0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910,
0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1,
0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da,
0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f,
0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba,
0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be,
0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3,
0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840,
0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4,
0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2,
0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7,
0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5,
0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e,
0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e,
0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801,
0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad,
0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0,
0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8,
0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4
};
static const u32 s6[256] = {
0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac,
0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138,
0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367,
0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98,
0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072,
0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3,
0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd,
0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8,
0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9,
0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54,
0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387,
0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc,
0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf,
0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf,
0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289,
0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407, 0x592af950,
0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f,
0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b,
0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be,
0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13,
0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976,
0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0,
0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891,
0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da,
0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc,
0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084,
0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25,
0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121,
0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd,
0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f
};
static const u32 s7[256] = {
0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f,
0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de,
0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43,
0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19,
0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2,
0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516,
0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88,
0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816,
0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756,
0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a,
0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264,
0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688,
0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28,
0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3,
0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06,
0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033,
0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a,
0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566,
0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509,
0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962,
0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e,
0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c,
0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c,
0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285,
0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301,
0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be,
0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767,
0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647,
0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c,
0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3
};
static const u32 s8[256] = {
0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5,
0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc,
0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd,
0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d,
0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2,
0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862,
0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc,
0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c,
0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e,
0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039,
0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8,
0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42,
0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5,
0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472,
0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c,
0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb,
0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054,
0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70,
0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc,
0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c,
0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3,
0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4,
0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101,
0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f,
0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e,
0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a,
0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c,
0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384,
0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82,
0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e
};
static u32
function_F( CAST5_context *bc, u32 x )
{
u16 a, b, c, d, y;
d = x & 0x00ff;
x >>= 8;
c = x & 0x00ff;
x >>= 8;
b = x & 0x00ff;
x >>= 8;
a = x & 0x00ff;
y = bc->s0[a] + bc->s1[b];
y ^= bc->s2[c];
y += bc->s3[d];
return y;
}
static void
encrypt( CAST5_context *bc, u32 *ret_xl, u32 *ret_xr )
{
u32 xl, xr, temp;
int i;
/* (L0,R0) <-- (m1...m64). (Split the plaintext into left and
* right 32-bit halves L0 = m1...m32 and R0 = m33...m64.)
*/
xl = *ret_xl;
xr = *ret_xr;
for(i=0; i < 16; i++ ) {
/* (16 rounds) for i from 1 to 16, compute Li and Ri as follows:
* Li = Ri-1;
* Ri = Li-1 ^ f(Ri-1,Kmi,Kri), where f is defined in Section 2.2
* (f is of Type 1, Type 2, or Type 3, depending on i).
*/
xl ^= bc->p[i];
xr ^= function_F(bc, xl);
temp = xl;
xl = xr;
xr = temp;
}
/* c1...c64 <-- (R16,L16). (Exchange final blocks L16, R16 and
* concatenate to form the ciphertext.) */
temp = xl;
xl = xr;
xr = temp;
xr ^= bc->p[CAST5_ROUNDS];
xl ^= bc->p[CAST5_ROUNDS+1];
*ret_xl = xl;
*ret_xr = xr;
}
static void
decrypted( CAST5_context *bc, u32 *ret_xl, u32 *ret_xr )
{
u32 xl, xr, temp;
int i;
xl = *ret_xl;
xr = *ret_xr;
for(i=CAST5_ROUNDS+1; i > 1; i-- ) {
xl ^= bc->p[i];
xr ^= function_F(bc, xl);
temp = xl;
xl = xr;
xr = temp;
}
temp = xl;
xl = xr;
xr = temp;
xr ^= bc->p[1];
xl ^= bc->p[0];
*ret_xl = xl;
*ret_xr = xr;
}
static void
encrypted_block( CAST5_context *bc, byte *outbuf, byte *inbuf )
{
u32 d1, d2;
d1 = ((u32*)inbuf)[0];
d2 = ((u32*)inbuf)[1];
encrypted( bc, &d1, &d2 );
((u32*)outbuf)[0] = d1;
((u32*)outbuf)[1] = d2;
}
static void
decrypted_block( CAST5_context *bc, byte *outbuf, byte *inbuf )
{
u32 d1, d2;
d1 = ((u32*)inbuf)[0];
d2 = ((u32*)inbuf)[1];
decrypted( bc, &d1, &d2 );
((u32*)outbuf)[0] = d1;
((u32*)outbuf)[1] = d2;
}
void
cast5_setkey( CAST5_context *c, byte *key, unsigned keylen )
{
int i, j, k;
u32 data, datal, datar;
for(i=0; i < CAST5_ROUNDS+2; i++ )
c->p[i] = ps[i];
for(i=0; i < 256; i++ ) {
c->s0[i] = ks0[i];
c->s1[i] = ks1[i];
c->s2[i] = ks2[i];
c->s3[i] = ks3[i];
}
for(i=j=0; i < BLOWFISH_ROUNDS+2; i++ ) {
data = 0;
for(k=0; k < 4; k++) {
data = (data << 8) | key[j];
if( ++j >= keylen )
j = 0;
}
c->p[i] ^= data;
}
datal = datar = 0;
for(i=0; i < CAST5_ROUNDS+2; i += 2 ) {
encrypted( c, &datal, &datar );
c->p[i] = datal;
c->p[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypted( c, &datal, &datar );
c->s0[i] = datal;
c->s0[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypted( c, &datal, &datar );
c->s1[i] = datal;
c->s1[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypted( c, &datal, &datar );
c->s2[i] = datal;
c->s2[i+1] = datar;
}
for(i=0; i < 256; i += 2 ) {
encrypted( c, &datal, &datar );
c->s3[i] = datal;
c->s3[i+1] = datar;
}
}
void
cast5_setiv( CAST5_context *c, byte *iv )
{
if( iv )
memcpy( c->iv, iv, CAST5_BLOCKSIZE );
else
memset( c->iv, 0, CAST5_BLOCKSIZE );
c->count = 0;
encrypted_block( c, c->eniv, c->iv );
}
void
cast5_encode( CAST5_context *c, byte *outbuf, byte *inbuf,
unsigned nblocks )
{
unsigned n;
for(n=0; n < nblocks; n++ ) {
encrypted_block( c, outbuf, inbuf );
inbuf += CAST5_BLOCKSIZE;;
outbuf += CAST5_BLOCKSIZE;
}
}
void
cast5_decode( CAST5_context *c, byte *outbuf, byte *inbuf,
unsigned nblocks )
{
unsigned n;
for(n=0; n < nblocks; n++ ) {
decrypted_block( c, outbuf, inbuf );
inbuf += CAST5_BLOCKSIZE;;
outbuf += CAST5_BLOCKSIZE;
}
}
/****************
* FIXME: Make use of bigger chunks
* (out may overlap with a or b)
*/
static void
xorblock( byte *out, byte *a, byte *b, unsigned count )
{
for( ; count ; count--, a++, b++ )
*out++ = *a ^ *b ;
}
/****************
* Encode buffer in CFB mode. nbytes can be an arbitrary value.
*/
void
cast5_encode_cfb( CAST5_context *c, byte *outbuf,
byte *inbuf, unsigned nbytes)
{
unsigned n;
if( c->count ) { /* must make a full block first */
assert( c->count < CAST5_BLOCKSIZE );
n = CAST5_BLOCKSIZE - c->count;
if( n > nbytes )
n = nbytes;
xorblock( outbuf, c->eniv+c->count, inbuf, n);
memcpy( c->iv+c->count, outbuf, n);
c->count += n;
nbytes -= n;
inbuf += n;
outbuf += n;
assert( c->count <= CAST5_BLOCKSIZE);
if( c->count == CAST5_BLOCKSIZE ) {
encrypted_block( c, c->eniv, c->iv );
c->count = 0;
}
else
return;
}
assert(!c->count);
while( nbytes >= CAST5_BLOCKSIZE ) {
xorblock( outbuf, c->eniv, inbuf, CAST5_BLOCKSIZE);
memcpy( c->iv, outbuf, CAST5_BLOCKSIZE);
encrypted_block( c, c->eniv, c->iv );
nbytes -= CAST5_BLOCKSIZE;
inbuf += CAST5_BLOCKSIZE;
outbuf += CAST5_BLOCKSIZE;
}
if( nbytes ) {
xorblock( outbuf, c->eniv, inbuf, nbytes );
memcpy( c->iv, outbuf, nbytes );
c->count = nbytes;
}
}
void
cast5_decode_cfb( CAST5_context *c, byte *outbuf,
byte *inbuf, unsigned nbytes)
{
unsigned n;
if( c->count ) { /* must make a full block first */
assert( c->count < CAST5_BLOCKSIZE );
n = CAST5_BLOCKSIZE - c->count;
if( n > nbytes )
n = nbytes;
memcpy( c->iv+c->count, inbuf, n);
xorblock( outbuf, c->eniv+c->count, inbuf, n);
c->count += n;
nbytes -= n;
inbuf += n;
outbuf += n;
assert( c->count <= CAST5_BLOCKSIZE);
if( c->count == CAST5_BLOCKSIZE ) {
encrypted_block( c, c->eniv, c->iv );
c->count = 0;
}
else
return;
}
assert(!c->count);
while( nbytes >= CAST5_BLOCKSIZE ) {
memcpy( c->iv, inbuf, CAST5_BLOCKSIZE);
xorblock( outbuf, c->eniv, inbuf, CAST5_BLOCKSIZE);
encrypted_block( c, c->eniv, c->iv );
nbytes -= CAST5_BLOCKSIZE;
inbuf += CAST5_BLOCKSIZE;
outbuf += CAST5_BLOCKSIZE;
}
if( nbytes ) {
memcpy( c->iv, inbuf, nbytes );
xorblock( outbuf, c->eniv, inbuf, nbytes );
c->count = nbytes;
}
}

50
cipher/cast5.h Normal file
View File

@ -0,0 +1,50 @@
/* cast5.h
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_CAST5_H
#define G10_CAST5_H
#include "types.h"
#define CAST5_BLOCKSIZE 8
typedef struct {
u32 s0[256];
u32 s1[256];
u32 s2[256];
u32 s3[256];
u32 p[16+2];
byte iv[CAST5_BLOCKSIZE];
byte eniv[CAST5_BLOCKSIZE];
int count;
} CAST5_context;
void cast5_setkey( CAST5_context *c, byte *key, unsigned keylen );
void cast5_setiv( CAST5_context *c, byte *iv );
void cast5_encode( CAST5_context *c, byte *outbuf, byte *inbuf,
unsigned nblocks );
void cast5_decode( CAST5_context *c, byte *outbuf, byte *inbuf,
unsigned nblocks );
void cast5_encode_cfb( CAST5_context *c, byte *outbuf,
byte *inbuf, unsigned nbytes);
void cast5_decode_cfb( CAST5_context *c, byte *outbuf,
byte *inbuf, unsigned nbytes);
#endif /*G10_CAST5_H*/

245
cipher/dsa.c Normal file
View File

@ -0,0 +1,245 @@
/* dsa.c - DSA signature scheme
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "util.h"
#include "mpi.h"
#include "cipher.h"
#include "dsa.h"
void
dsa_free_public_key( DSA_public_key *pk )
{
mpi_free( pk->p ); pk->p = NULL;
mpi_free( pk->g ); pk->g = NULL;
mpi_free( pk->y ); pk->y = NULL;
}
void
dsa_free_secret_key( DSA_secret_key *sk )
{
mpi_free( sk->p ); sk->p = NULL;
mpi_free( sk->g ); sk->g = NULL;
mpi_free( sk->y ); sk->y = NULL;
mpi_free( sk->x ); sk->x = NULL;
}
static void
test_keys( DSA_public_key *pk, DSA_secret_key *sk, unsigned nbits )
{
MPI test = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
MPI out1_a = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
MPI out1_b = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
MPI out2 = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
mpi_set_bytes( test, nbits, get_random_byte, 0 );
dsa_sign( out1_a, out1_b, test, sk );
if( !dsa_verify( out1_a, out1_b, test, pk ) )
log_fatal("DSA operation: sign, verify failed\n");
mpi_free( test );
mpi_free( out1_a );
mpi_free( out1_b );
mpi_free( out2 );
}
/****************
* generate a random secret exponent k from prime p, so
* that k is relatively prime to p-1
*/
static MPI
gen_k( MPI p )
{
MPI k = mpi_alloc_secure( mpi_get_nlimbs(p) );
MPI temp = mpi_alloc( mpi_get_nlimbs(p) );
MPI p_1 = mpi_copy(p);
unsigned nbits = mpi_get_nbits(p);
if( DBG_CIPHER )
log_debug("choosing a random k ");
mpi_sub_ui( p_1, p, 1);
for(;;) {
if( DBG_CIPHER )
fputc('.', stderr);
mpi_set_bytes( k, nbits, get_random_byte, 1 );
mpi_set_bit( k, nbits-1 ); /* make sure it's high (really needed?) */
if( mpi_cmp( k, p_1 ) >= 0 )
continue; /* is not smaller than (p-1) */
if( mpi_gcd( temp, k, p_1 ) )
break; /* okay, k is relatively prime to (p-1) */
}
if( DBG_CIPHER )
fputc('\n', stderr);
mpi_free(p_1);
mpi_free(temp);
return k;
}
/****************
* Generate a key pair with a key of size NBITS
* Returns: 2 structures filles with all needed values
*/
void
dsa_generate( DSA_public_key *pk, DSA_secret_key *sk, unsigned nbits )
{
MPI p; /* the prime */
MPI g;
MPI x; /* the secret exponent */
MPI y;
p = generate_public_prime( nbits );
/* FIXME: check wether we shall assert that (p-1)/2 is also prime
* Schneier votes against it
*/
g = mpi_alloc_set_ui(3);
/* select a random number */
x = mpi_alloc_secure( nbits/BITS_PER_MPI_LIMB );
if( DBG_CIPHER )
log_debug("choosing a random x ");
do {
if( DBG_CIPHER )
fputc('.', stderr);
mpi_set_bytes( x, nbits, get_random_byte, 1 ); /* fixme: should be 2 */
mpi_set_bit( x, nbits-1 ); /* make sure it's high (needed?) */
} while( mpi_cmp( x, p ) >= 0 ); /* x must be smaller than p */
y = mpi_alloc(nbits/BITS_PER_MPI_LIMB);
mpi_powm( y, g, x, p );
if( DBG_CIPHER ) {
fputc('\n', stderr);
log_mpidump("dsa p= ", p );
log_mpidump("dsa g= ", g );
log_mpidump("dsa y= ", y );
log_mpidump("dsa x= ", x );
}
/* copy the stuff to the key structures */
pk->p = mpi_copy(p);
pk->g = mpi_copy(g);
pk->y = mpi_copy(y);
sk->p = p;
sk->g = g;
sk->y = y;
sk->x = x;
/* now we can test our keys (this should never fail!) */
test_keys( pk, sk, nbits - 64 );
}
/****************
* Test wether the secret key is valid.
* Returns: if this is a valid key.
*/
int
dsa_check_secret_key( DSA_secret_key *sk )
{
int rc;
MPI y = mpi_alloc( mpi_get_nlimbs(sk->y) );
mpi_powm( y, sk->g, sk->x, sk->p );
rc = !mpi_cmp( y, sk->y );
mpi_free( y );
return rc;
}
/****************
* Make an Elgamal signature out of INPUT
*/
void
dsa_sign(MPI a, MPI b, MPI input, DSA_secret_key *skey )
{
MPI k;
MPI t = mpi_alloc( mpi_get_nlimbs(a) );
MPI inv = mpi_alloc( mpi_get_nlimbs(a) );
MPI p_1 = mpi_copy(skey->p);
/*
* b = (t * inv) mod (p-1)
* b = (t * inv(k,(p-1),(p-1)) mod (p-1)
* b = (((M-x*a) mod (p-1)) * inv(k,(p-1),(p-1))) mod (p-1)
*
*/
mpi_sub_ui(p_1, p_1, 1);
k = gen_k( skey->p );
mpi_powm( a, skey->g, k, skey->p );
mpi_mul(t, skey->x, a );
mpi_subm(t, input, t, p_1 );
while( mpi_is_neg(t) )
mpi_add(t, t, p_1);
mpi_invm(inv, k, p_1 );
mpi_mulm(b, t, inv, p_1 );
#if 0
if( DBG_CIPHER ) {
log_mpidump("dsa sign p= ", skey->p);
log_mpidump("dsa sign g= ", skey->g);
log_mpidump("dsa sign y= ", skey->y);
log_mpidump("dsa sign x= ", skey->x);
log_mpidump("dsa sign k= ", k);
log_mpidump("dsa sign M= ", input);
log_mpidump("dsa sign a= ", a);
log_mpidump("dsa sign b= ", b);
}
#endif
mpi_free(k);
mpi_free(t);
mpi_free(inv);
mpi_free(p_1);
}
/****************
* Returns true if the signature composed from A and B is valid.
*/
int
dsa_verify(MPI a, MPI b, MPI input, DSA_public_key *pkey )
{
int rc;
MPI t1 = mpi_alloc( mpi_get_nlimbs(a) );
MPI t2 = mpi_alloc( mpi_get_nlimbs(a) );
mpi_powm( t1, pkey->y, a, pkey->p );
mpi_powm( t2, a, b, pkey->p );
mpi_mulm( t1, t1, t2, pkey->p );
mpi_powm( t2, pkey->g, input, pkey->p );
rc = !mpi_cmp( t1, t2 );
mpi_free(t1);
mpi_free(t2);
return rc;
}

49
cipher/dsa.h Normal file
View File

@ -0,0 +1,49 @@
/* dsa.h - DSA signature scheme
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_DSA_H
#define G10_DSA_H
#include "mpi.h"
typedef struct {
MPI p; /* prime */
MPI q; /* group order */
MPI g; /* group generator */
MPI y; /* g^x mod p */
} DSA_public_key;
typedef struct {
MPI p; /* prime */
MPI q; /* group order */
MPI g; /* group generator */
MPI y; /* g^x mod p */
MPI x; /* secret exponent */
} DSA_secret_key;
void dsa_free_public_key( DSA_public_key *pk );
void dsa_free_secret_key( DSA_secret_key *sk );
void dsa_generate( DSA_public_key *pk, DSA_secret_key *sk, unsigned nbits );
int dsa_check_secret_key( DSA_secret_key *sk );
void dsa_sign(MPI a, MPI b, MPI input, DSA_secret_key *skey);
int dsa_verify(MPI a, MPI b, MPI input, DSA_public_key *pkey);
#endif /*G10_DSA_H*/

61
cipher/elgamal.c
View File

@ -60,10 +60,10 @@ test_keys( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits )
mpi_set_bytes( test, nbits, get_random_byte, 0 );
elg_encrypted( out1_a, out1_b, test, pk );
elg_decrypted( out2, out1_a, out1_b, sk );
elg_encrypt( out1_a, out1_b, test, pk );
elg_decrypt( out2, out1_a, out1_b, sk );
if( mpi_cmp( test, out2 ) )
log_fatal("ElGamal operation: encrypted, decrypted failed\n");
log_fatal("ElGamal operation: encrypt, decrypt failed\n");
elg_sign( out1_a, out1_b, test, sk );
if( !elg_verify( out1_a, out1_b, test, pk ) )
@ -95,9 +95,10 @@ gen_k( MPI p )
if( DBG_CIPHER )
fputc('.', stderr);
mpi_set_bytes( k, nbits, get_random_byte, 1 );
mpi_set_bit( k, nbits-1 ); /* make sure it's high (really needed?) */
if( mpi_cmp( k, p_1 ) >= 0 )
continue; /* is not smaller than (p-1) */
if( !(mpi_cmp( k, p_1 ) < 0) ) /* check: k < (p-1) */
continue; /* no */
if( !(mpi_cmp_ui( k, 0 ) > 0) ) /* check: k > 0 */
continue; /* no */
if( mpi_gcd( temp, k, p_1 ) )
break; /* okay, k is relatively prime to (p-1) */
}
@ -117,17 +118,27 @@ void
elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits )
{
MPI p; /* the prime */
MPI p_min1;
MPI g;
MPI x; /* the secret exponent */
MPI y;
MPI temp;
p = generate_public_prime( nbits );
/* FIXME: check wether we shall assert that (p-1)/2 is also prime
* Schneier votes against it
p = NULL;
p_min1 = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
temp = mpi_alloc( (nbits+BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
/*do {*/
mpi_free(p);
/* FIXME!!!! Should generate a strong prime */
p = generate_public_prime( nbits );
mpi_sub_ui(p_min1, p, 1);
/*} while if( mpi_gcd( temp, k, p_1 ) )*/
g = mpi_alloc_set_ui(3); /* fixme: 3 is bad (but better than 2)*/
/* select a random number which has these properties:
* 0 < x < p-1
*/
g = mpi_alloc_set_ui(3);
/* select a random number */
x = mpi_alloc_secure( nbits/BITS_PER_MPI_LIMB );
if( DBG_CIPHER )
log_debug("choosing a random x ");
@ -135,8 +146,7 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits )
if( DBG_CIPHER )
fputc('.', stderr);
mpi_set_bytes( x, nbits, get_random_byte, 1 ); /* fixme: should be 2 */
mpi_set_bit( x, nbits-1 ); /* make sure it's high (needed?) */
} while( mpi_cmp( x, p ) >= 0 ); /* x must be smaller than p */
} while( !( mpi_cmp_ui( x, 0 )>0 && mpi_cmp( x, p_min1 )<0 ) );
y = mpi_alloc(nbits/BITS_PER_MPI_LIMB);
mpi_powm( y, g, x, p );
@ -149,7 +159,6 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits )
log_mpidump("elg x= ", x );
}
/* copy the stuff to the key structures */
pk->p = mpi_copy(p);
pk->g = mpi_copy(g);
@ -161,6 +170,9 @@ elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits )
/* now we can test our keys (this should never fail!) */
test_keys( pk, sk, nbits - 64 );
mpi_free( p_min1 );
mpi_free( temp );
}
@ -182,7 +194,7 @@ elg_check_secret_key( ELG_secret_key *sk )
void
elg_encrypted(MPI a, MPI b, MPI input, ELG_public_key *pkey )
elg_encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey )
{
MPI k;
@ -212,7 +224,7 @@ elg_encrypted(MPI a, MPI b, MPI input, ELG_public_key *pkey )
void
elg_decrypted(MPI output, MPI a, MPI b, ELG_secret_key *skey )
elg_decrypt(MPI output, MPI a, MPI b, ELG_secret_key *skey )
{
MPI t1 = mpi_alloc_secure( mpi_get_nlimbs( skey->p ) );
@ -288,13 +300,24 @@ int
elg_verify(MPI a, MPI b, MPI input, ELG_public_key *pkey )
{
int rc;
MPI t1 = mpi_alloc( mpi_get_nlimbs(a) );
MPI t2 = mpi_alloc( mpi_get_nlimbs(a) );
MPI t1;
MPI t2;
if( !(mpi_cmp_ui( a, 0 ) > 0 && mpi_cmp( a, pkey->p ) < 0) )
return 0; /* assertion 0 < a < p failed */
t1 = mpi_alloc( mpi_get_nlimbs(a) );
t2 = mpi_alloc( mpi_get_nlimbs(a) );
/* t1 = (y^a mod p) * (a^b mod p) mod p
* fixme: should be calculated by a call which evalutes
* t1 = y^a * a^b mod p
* direct.
*/
mpi_powm( t1, pkey->y, a, pkey->p );
mpi_powm( t2, a, b, pkey->p );
mpi_mulm( t1, t1, t2, pkey->p );
/* t2 = g ^ input mod p */
mpi_powm( t2, pkey->g, input, pkey->p );
rc = !mpi_cmp( t1, t2 );

4
cipher/elgamal.h
View File

@ -41,8 +41,8 @@ void elg_free_public_key( ELG_public_key *pk );
void elg_free_secret_key( ELG_secret_key *sk );
void elg_generate( ELG_public_key *pk, ELG_secret_key *sk, unsigned nbits );
int elg_check_secret_key( ELG_secret_key *sk );
void elg_encrypted(MPI a, MPI b, MPI input, ELG_public_key *pkey );
void elg_decrypted(MPI output, MPI a, MPI b, ELG_secret_key *skey );
void elg_encrypt(MPI a, MPI b, MPI input, ELG_public_key *pkey );
void elg_decrypt(MPI output, MPI a, MPI b, ELG_secret_key *skey );
void elg_sign(MPI a, MPI b, MPI input, ELG_secret_key *skey);
int elg_verify(MPI a, MPI b, MPI input, ELG_public_key *pkey);

20
cipher/md.c
View File

@ -32,6 +32,7 @@ md_okay( int algo )
switch( algo ) {
case DIGEST_ALGO_MD5:
case DIGEST_ALGO_RMD160:
case DIGEST_ALGO_SHA1:
return 0;
default:
return G10ERR_DIGEST_ALGO;
@ -51,6 +52,8 @@ md_open( int algo, int secure )
hd->u.md5 = md5_open( secure );
else if( algo == DIGEST_ALGO_RMD160 )
hd->u.rmd= rmd160_open( secure );
else if( algo == DIGEST_ALGO_SHA1 )
hd->u.sha1 = sha1_open( secure );
else
return NULL;
@ -70,6 +73,8 @@ md_copy( MD_HANDLE *a )
hd->u.md5 = md5_copy( a->u.md5 );
else if( a->algo == DIGEST_ALGO_RMD160 )
hd->u.rmd= rmd160_copy( a->u.rmd );
else if( a->algo == DIGEST_ALGO_SHA1 )
hd->u.sha1= sha1_copy( a->u.sha1 );
else
log_bug(NULL);
return hd;
@ -89,6 +94,8 @@ md_makecontainer( int algo )
;
else if( algo == DIGEST_ALGO_RMD160 )
;
else if( algo == DIGEST_ALGO_SHA1 )
;
else
log_bug(NULL);
return hd;
@ -103,6 +110,8 @@ md_close(MD_HANDLE *a)
md5_close( a->u.md5 );
else if( a->algo == DIGEST_ALGO_RMD160 )
rmd160_close( a->u.rmd );
else if( a->algo == DIGEST_ALGO_SHA1 )
sha1_close( a->u.sha1 );
else
log_bug(NULL);
m_free(a);
@ -116,6 +125,8 @@ md_write( MD_HANDLE *a, byte *inbuf, size_t inlen)
md5_write( a->u.md5, inbuf, inlen );
else if( a->algo == DIGEST_ALGO_RMD160 )
rmd160_write( a->u.rmd, inbuf, inlen );
else if( a->algo == DIGEST_ALGO_SHA1 )
sha1_write( a->u.sha1, inbuf, inlen );
else
log_bug(NULL);
}
@ -128,6 +139,8 @@ md_putchar( MD_HANDLE *a, int c )
md5_putchar( a->u.md5, c );
else if( a->algo == DIGEST_ALGO_RMD160 )
rmd160_putchar( a->u.rmd, c );
else if( a->algo == DIGEST_ALGO_SHA1 )
sha1_putchar( a->u.sha1, c );
else
log_bug(NULL);
}
@ -151,6 +164,13 @@ md_final(MD_HANDLE *a)
}
return a->data;
}
else if( a->algo == DIGEST_ALGO_SHA1 ) {
if( !a->datalen ) {
memcpy(a->data, sha1_final( a->u.sha1 ), 20 );
a->datalen = 20;
}
return a->data;
}
else
log_bug(NULL);
}

94
cipher/random.c
View File

@ -22,14 +22,23 @@
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include "util.h"
#include "cipher.h"
static struct {
int level;
struct cache {
int len;
byte buffer[100]; /* fixme: should this be allocated in secure space? */
} cache;
byte buffer[100]; /* fixme: should be allocalted with m_alloc_secure()*/
};
static struct cache cache[3];
#define MASK_LEVEL(a) do {if( a > 2 ) a = 2; else if( a < 0 ) a = 0; } while(0)
static int open_device( const char *name, int minor );
static void fill_buffer( byte *buffer, size_t length, int level );
/****************
* Fill the buffer with LENGTH bytes of cryptologic strong
@ -39,30 +48,77 @@ static struct {
void
randomize_buffer( byte *buffer, size_t length, int level )
{
FILE *fp;
if( level == 2 )
level = 1; /* 2 is much too slow */
/* FIXME: do a stat and check that we have the correct device numbers*/
fp = fopen(level < 2? "/dev/urandom":"/dev/random", "r");
if( !fp )
log_fatal("can't open random device: %s\n", strerror(errno) );
for( ; length; length-- )
*buffer++ = getc(fp);
fclose(fp);
*buffer++ = get_random_byte(level);
}
byte
get_random_byte( int level )
{
if( !cache.len || cache.level < level ) {
randomize_buffer(cache.buffer, DIM(cache.buffer), level );
cache.level = level;
cache.len = DIM(cache.buffer);
MASK_LEVEL(level);
if( !cache[level].len ) {
fill_buffer(cache[level].buffer, DIM(cache[level].buffer), level );
cache[level].len = DIM(cache[level].buffer);
}
return cache.buffer[--cache.len];
return cache[level].buffer[--cache[level].len];
}
static int
open_device( const char *name, int minor )
{
int fd;
struct stat sb;
fd = open( name, O_RDONLY );
if( fd == -1 )
log_fatal("can't open %s: %s\n", name, strerror(errno) );
if( fstat( fd, &sb ) )
log_fatal("stat() off %s failed: %s\n", name, strerror(errno) );
if( !S_ISCHR(sb.st_mode)
#ifdef __linux__
|| (sb.st_rdev >> 8) != 1
|| (sb.st_rdev & 0xff) != minor
#endif
)
log_fatal("invalid random device!\n" );
return fd;
}
static void
fill_buffer( byte *buffer, size_t length, int level )
{
FILE *fp;
static int fd_urandom = -1;
static int fd_random = -1;
int fd;
int n;
if( level == 2 ) {
if( fd_random == -1 )
fd_random = open_device( "/dev/random", 8 );
fd = fd_random;
}
else {
if( fd_urandom == -1 )
fd_urandom = open_device( "/dev/urandom", 9 );
fd = fd_urandom;
}
do {
do {
n = read(fd, buffer, length );
} while( n == -1 && errno == EINTR );
if( n == -1 )
log_fatal("read error on random device: %s\n", strerror(errno) );
buffer += n;
length -= n;
} while( length );
}

214
cipher/rsa.c
View File

@ -1,214 +0,0 @@
/* rsa.c - RSA function
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* ATTENTION: This code should not be exported from the United States
* nor should it be used their without a license agreement with PKP.
* The RSA alorithm is protected by U.S. Patent #4,405,829 which
* expires on September 20, 2000!
*
* For a description of the algorithm, see:
* Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1996.
* ISBN 0-471-11709-9. Pages 466 ff.
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "util.h"
#include "mpi.h"
#include "cipher.h"
void
rsa_free_public_key( RSA_public_key *pk )
{
mpi_free( pk->n ); pk->n = NULL;
mpi_free( pk->e ); pk->e = NULL;
}
void
rsa_free_secret_key( RSA_secret_key *sk )
{
mpi_free( sk->e ); sk->e = NULL;
mpi_free( sk->n ); sk->n = NULL;
mpi_free( sk->p ); sk->p = NULL;
mpi_free( sk->q ); sk->q = NULL;
mpi_free( sk->d ); sk->d = NULL;
mpi_free( sk->u ); sk->u = NULL;
}
static void
test_keys( RSA_public_key *pk, RSA_secret_key *sk, unsigned nbits )
{
MPI test = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
MPI out1 = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
MPI out2 = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
mpi_set_bytes( test, nbits, get_random_byte, 0 );
rsa_public( out1, test, pk );
rsa_secret( out2, out1, sk );
if( mpi_cmp( test, out2 ) )
log_fatal("RSA operation: public, secret failed\n");
rsa_secret( out1, test, sk );
rsa_public( out2, out1, pk );
if( mpi_cmp( test, out2 ) )
log_fatal("RSA operation: secret, public failed\n");
mpi_free( test );
mpi_free( out1 );
mpi_free( out2 );
}
/****************
* Generate a key pair with a key of size NBITS
* Returns: 2 structures filles with all needed values
*/
void
rsa_generate( RSA_public_key *pk, RSA_secret_key *sk, unsigned nbits )
{
MPI p, q; /* the two primes */
MPI d; /* the private key */
MPI u;
MPI t1, t2;
MPI n; /* the public key */
MPI e; /* the exponent */
MPI phi; /* helper: (p-a)(q-1) */
MPI g;
MPI f;
/* select two (very secret) primes */
p = generate_secret_prime( nbits / 2 );
q = generate_secret_prime( nbits / 2 );
if( mpi_cmp( p, q ) > 0 ) /* p shall be smaller than q (for calc of u)*/
mpi_swap(p,q);
/* calculate Euler totient: phi = (p-1)(q-1) */
t1 = mpi_alloc_secure( mpi_get_nlimbs(p) );
t2 = mpi_alloc_secure( mpi_get_nlimbs(p) );
phi = mpi_alloc_secure( nbits / BITS_PER_MPI_LIMB );
g = mpi_alloc_secure( nbits / BITS_PER_MPI_LIMB );
f = mpi_alloc_secure( nbits / BITS_PER_MPI_LIMB );
mpi_sub_ui( t1, p, 1 );
mpi_sub_ui( t2, q, 1 );
mpi_mul( phi, t1, t2 );
mpi_gcd(g, t1, t2);
mpi_fdiv_q(f, phi, g);
/* multiply them to make the private key */
n = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
mpi_mul( n, p, q );
/* find a public exponent */
e = mpi_alloc(1);
mpi_set_ui( e, 17); /* start with 17 */
while( !mpi_gcd(t1, e, phi) ) /* (while gcd is not 1) */
mpi_add_ui( e, e, 2);
/* calculate the secret key d = e^1 mod phi */
d = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
mpi_invm(d, e, f );
/* calculate the inverse of p and q (used for chinese remainder theorem)*/
u = mpi_alloc( nbits / BITS_PER_MPI_LIMB );
mpi_invm(u, p, q );
if( DBG_CIPHER ) {
log_mpidump(" p= ", p );
log_mpidump(" q= ", q );
log_mpidump("phi= ", phi );
log_mpidump(" g= ", g );
log_mpidump(" f= ", f );
log_mpidump(" n= ", n );
log_mpidump(" e= ", e );
log_mpidump(" d= ", d );
log_mpidump(" u= ", u );
}
mpi_free(t1);
mpi_free(t2);
mpi_free(phi);
mpi_free(f);
mpi_free(g);
pk->n = mpi_copy(n);
pk->e = mpi_copy(e);
sk->n = n;
sk->e = e;
sk->p = p;
sk->q = q;
sk->d = d;
sk->u = u;
/* now we can test our keys (this should never fail!) */
test_keys( pk, sk, nbits - 64 );
}
/****************
* Test wether the secret key is valid.
* Returns: true if this is a valid key.
*/
int
rsa_check_secret_key( RSA_secret_key *sk )
{
int rc;
MPI temp = mpi_alloc( mpi_get_nlimbs(sk->p)*2 );
mpi_mul(temp, sk->p, sk->q );
rc = mpi_cmp( temp, sk->n );
mpi_free(temp);
return !rc;
}
/****************
* Public key operation. Encrypt INPUT with PKEY and put result into OUTPUT.
*
* c = m^e mod n
*
* Where c is OUTPUT, m is INPUT and e,n are elements of PKEY.
*/
void
rsa_public(MPI output, MPI input, RSA_public_key *pkey )
{
if( output == input ) { /* powm doesn't like output and input the same */
MPI x = mpi_alloc( mpi_get_nlimbs(input)*2 );
mpi_powm( x, input, pkey->e, pkey->n );
mpi_set(output, x);
mpi_free(x);
}
else
mpi_powm( output, input, pkey->e, pkey->n );
}
/****************
* Secret key operation. Encrypt INPUT with SKEY and put result into OUTPUT.
*
* m = c^d mod n
*
* Where m is OUTPUT, c is INPUT and d,n are elements of PKEY.
*
* FIXME: We should better use the Chinese Remainder Theorem
*/
void
rsa_secret(MPI output, MPI input, RSA_secret_key *skey )
{
mpi_powm( output, input, skey->d, skey->n );
}

54
cipher/rsa.h
View File

@ -1,54 +0,0 @@
/* rsa.h
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* ATTENTION: This code should not be exported from the United States
* nor should it be used their without a license agreement with PKP.
* The RSA alorithm is protected by U.S. Patent #4,405,829 which
* expires on September 20, 2000!
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_RSA_H
#define G10_RSA_H
#include "mpi.h"
typedef struct {
MPI e; /* exponent */
MPI n; /* modulus */
} RSA_public_key;
typedef struct {
MPI e; /* public exponent */
MPI n; /* public modulus */
MPI p; /* prime p. */
MPI q; /* prime q. */
MPI d; /* exponent */
MPI u; /* inverse of p mod q. */
} RSA_secret_key;
void rsa_free_public_key( RSA_public_key *pk );
void rsa_free_secret_key( RSA_secret_key *sk );
void rsa_generate( RSA_public_key *pk, RSA_secret_key *sk, unsigned nbits );
int rsa_check_secret_key( RSA_secret_key *sk );
void rsa_public(MPI output, MPI input, RSA_public_key *skey );
void rsa_secret(MPI output, MPI input, RSA_secret_key *skey );
#endif /*G10_RSA_H*/

400
cipher/sha1.c Normal file
View File

@ -0,0 +1,400 @@
/* sha1.c - SHA1 hash function
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* Please see below for more legal informations!
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/* I took the code for transform() from the Linux kernel
* (/usr/src/linux/drivers/char/random.c) which has
*
* a) This notice:
* ---------------
* SHA transform algorithm, taken from code written by Peter Gutman,
* and apparently in the public domain.
*
* b) This copyright notice:
* -------------------------
* Version 1.00, last modified 26-May-96
*
* Copyright Theodore Ts'o, 1994, 1995, 1996. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, and the entire permission notice in its entirety,
* including the disclaimer of warranties.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/* Test vectors:
*
* "abc"
* A999 3E36 4706 816A BA3E 2571 7850 C26C 9CD0 D89D
*
* "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
* 8498 3E44 1C3B D26E BAAE 4AA1 F951 29E5 E546 70F1
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
#include "cipher.h" /* grrrr */
#include "sha1.h"
/* The SHA f()-functions. */
#define f1(x,y,z) ( z ^ ( x & ( y ^ z ) ) ) /* Rounds 0-19 */
#define f2(x,y,z) ( x ^ y ^ z ) /* Rounds 20-39 */
#define f3(x,y,z) ( ( x & y ) | ( z & ( x | y ) ) ) /* Rounds 40-59 */
#define f4(x,y,z) ( x ^ y ^ z ) /* Rounds 60-79 */
/* The SHA Mysterious Constants */
#define K1 0x5A827999L /* Rounds 0-19 */
#define K2 0x6ED9EBA1L /* Rounds 20-39 */
#define K3 0x8F1BBCDCL /* Rounds 40-59 */
#define K4 0xCA62C1D6L /* Rounds 60-79 */
#define ROTL(n,X) ( ( ( X ) << n ) | ( ( X ) >> ( 32 - n ) ) )
#define expand(W,i) ( W[ i & 15 ] = \
ROTL( 1, ( W[ i & 15 ] ^ W[ (i - 14) & 15 ] ^ \
W[ (i - 8) & 15 ] ^ W[ (i - 3) & 15 ] ) ) )
#define subRound(a, b, c, d, e, f, k, data) \
( e += ROTL( 5, a ) + f( b, c, d ) + k + data, b = ROTL( 30, b ) )
static void
initialize( SHA1HANDLE hd )
{
hd->h0 = 0x67452301;
hd->h1 = 0xefcdab89;
hd->h2 = 0x98badcfe;
hd->h3 = 0x10325476;
hd->h4 = 0xc3d2e1f0;
hd->bufcount = 0;
hd->nblocks = 0;
}
/****************
* Transform the message X which consists of 16 32-bit-words
*/
static void
transform( SHA1HANDLE hd, byte *data )
{
u32 A, B, C, D, E; /* Local vars */
u32 eData[ 16 ]; /* Expanded data */
/* Set up first buffer and local data buffer */
A = hd->h0;
B = hd->h1;
C = hd->h2;
D = hd->h3;
E = hd->h4;
#ifdef HAVE_BIG_ENDIAN
memcpy( eData, data, 64 );
#else
{ int i;
byte *p2;
for(i=0, p2=(byte*)eData; i < 16; i++, p2 += 4 ) {
p2[3] = *data++;
p2[2] = *data++;
p2[1] = *data++;
p2[0] = *data++;
}
}
#endif
/* Heavy mangling, in 4 sub-rounds of 20 iterations each. */
subRound( A, B, C, D, E, f1, K1, eData[ 0 ] );
subRound( E, A, B, C, D, f1, K1, eData[ 1 ] );
subRound( D, E, A, B, C, f1, K1, eData[ 2 ] );
subRound( C, D, E, A, B, f1, K1, eData[ 3 ] );
subRound( B, C, D, E, A, f1, K1, eData[ 4 ] );
subRound( A, B, C, D, E, f1, K1, eData[ 5 ] );
subRound( E, A, B, C, D, f1, K1, eData[ 6 ] );
subRound( D, E, A, B, C, f1, K1, eData[ 7 ] );
subRound( C, D, E, A, B, f1, K1, eData[ 8 ] );
subRound( B, C, D, E, A, f1, K1, eData[ 9 ] );
subRound( A, B, C, D, E, f1, K1, eData[ 10 ] );
subRound( E, A, B, C, D, f1, K1, eData[ 11 ] );
subRound( D, E, A, B, C, f1, K1, eData[ 12 ] );
subRound( C, D, E, A, B, f1, K1, eData[ 13 ] );
subRound( B, C, D, E, A, f1, K1, eData[ 14 ] );
subRound( A, B, C, D, E, f1, K1, eData[ 15 ] );
subRound( E, A, B, C, D, f1, K1, expand( eData, 16 ) );
subRound( D, E, A, B, C, f1, K1, expand( eData, 17 ) );
subRound( C, D, E, A, B, f1, K1, expand( eData, 18 ) );
subRound( B, C, D, E, A, f1, K1, expand( eData, 19 ) );
subRound( A, B, C, D, E, f2, K2, expand( eData, 20 ) );
subRound( E, A, B, C, D, f2, K2, expand( eData, 21 ) );
subRound( D, E, A, B, C, f2, K2, expand( eData, 22 ) );
subRound( C, D, E, A, B, f2, K2, expand( eData, 23 ) );
subRound( B, C, D, E, A, f2, K2, expand( eData, 24 ) );
subRound( A, B, C, D, E, f2, K2, expand( eData, 25 ) );
subRound( E, A, B, C, D, f2, K2, expand( eData, 26 ) );
subRound( D, E, A, B, C, f2, K2, expand( eData, 27 ) );
subRound( C, D, E, A, B, f2, K2, expand( eData, 28 ) );
subRound( B, C, D, E, A, f2, K2, expand( eData, 29 ) );
subRound( A, B, C, D, E, f2, K2, expand( eData, 30 ) );
subRound( E, A, B, C, D, f2, K2, expand( eData, 31 ) );
subRound( D, E, A, B, C, f2, K2, expand( eData, 32 ) );
subRound( C, D, E, A, B, f2, K2, expand( eData, 33 ) );
subRound( B, C, D, E, A, f2, K2, expand( eData, 34 ) );
subRound( A, B, C, D, E, f2, K2, expand( eData, 35 ) );
subRound( E, A, B, C, D, f2, K2, expand( eData, 36 ) );
subRound( D, E, A, B, C, f2, K2, expand( eData, 37 ) );
subRound( C, D, E, A, B, f2, K2, expand( eData, 38 ) );
subRound( B, C, D, E, A, f2, K2, expand( eData, 39 ) );
subRound( A, B, C, D, E, f3, K3, expand( eData, 40 ) );
subRound( E, A, B, C, D, f3, K3, expand( eData, 41 ) );
subRound( D, E, A, B, C, f3, K3, expand( eData, 42 ) );
subRound( C, D, E, A, B, f3, K3, expand( eData, 43 ) );
subRound( B, C, D, E, A, f3, K3, expand( eData, 44 ) );
subRound( A, B, C, D, E, f3, K3, expand( eData, 45 ) );
subRound( E, A, B, C, D, f3, K3, expand( eData, 46 ) );
subRound( D, E, A, B, C, f3, K3, expand( eData, 47 ) );
subRound( C, D, E, A, B, f3, K3, expand( eData, 48 ) );
subRound( B, C, D, E, A, f3, K3, expand( eData, 49 ) );
subRound( A, B, C, D, E, f3, K3, expand( eData, 50 ) );
subRound( E, A, B, C, D, f3, K3, expand( eData, 51 ) );
subRound( D, E, A, B, C, f3, K3, expand( eData, 52 ) );
subRound( C, D, E, A, B, f3, K3, expand( eData, 53 ) );
subRound( B, C, D, E, A, f3, K3, expand( eData, 54 ) );
subRound( A, B, C, D, E, f3, K3, expand( eData, 55 ) );
subRound( E, A, B, C, D, f3, K3, expand( eData, 56 ) );
subRound( D, E, A, B, C, f3, K3, expand( eData, 57 ) );
subRound( C, D, E, A, B, f3, K3, expand( eData, 58 ) );
subRound( B, C, D, E, A, f3, K3, expand( eData, 59 ) );
subRound( A, B, C, D, E, f4, K4, expand( eData, 60 ) );
subRound( E, A, B, C, D, f4, K4, expand( eData, 61 ) );
subRound( D, E, A, B, C, f4, K4, expand( eData, 62 ) );
subRound( C, D, E, A, B, f4, K4, expand( eData, 63 ) );
subRound( B, C, D, E, A, f4, K4, expand( eData, 64 ) );
subRound( A, B, C, D, E, f4, K4, expand( eData, 65 ) );
subRound( E, A, B, C, D, f4, K4, expand( eData, 66 ) );
subRound( D, E, A, B, C, f4, K4, expand( eData, 67 ) );
subRound( C, D, E, A, B, f4, K4, expand( eData, 68 ) );
subRound( B, C, D, E, A, f4, K4, expand( eData, 69 ) );
subRound( A, B, C, D, E, f4, K4, expand( eData, 70 ) );
subRound( E, A, B, C, D, f4, K4, expand( eData, 71 ) );
subRound( D, E, A, B, C, f4, K4, expand( eData, 72 ) );
subRound( C, D, E, A, B, f4, K4, expand( eData, 73 ) );
subRound( B, C, D, E, A, f4, K4, expand( eData, 74 ) );
subRound( A, B, C, D, E, f4, K4, expand( eData, 75 ) );
subRound( E, A, B, C, D, f4, K4, expand( eData, 76 ) );
subRound( D, E, A, B, C, f4, K4, expand( eData, 77 ) );
subRound( C, D, E, A, B, f4, K4, expand( eData, 78 ) );
subRound( B, C, D, E, A, f4, K4, expand( eData, 79 ) );
/* Build message digest */
hd->h0 += A;
hd->h1 += B;
hd->h2 += C;
hd->h3 += D;
hd->h4 += E;
}
SHA1HANDLE
sha1_open( int secure )
{
SHA1HANDLE hd;
hd = secure? m_alloc_secure( sizeof *hd )
: m_alloc( sizeof *hd );
initialize(hd);
return hd;
}
SHA1HANDLE
sha1_copy( SHA1HANDLE a )
{
SHA1HANDLE b;
assert(a);
b = m_is_secure(a)? m_alloc_secure( sizeof *b )
: m_alloc( sizeof *b );
memcpy( b, a, sizeof *a );
return b;
}
/* BAD Kludge!!! */
MD_HANDLE *
sha1_copy2md( SHA1HANDLE a )
{
MD_HANDLE *md = md_makecontainer( DIGEST_ALGO_SHA1 );
md->u.sha1 = sha1_copy( a );
return md;
}
void
sha1_close(SHA1HANDLE hd)
{
if( hd )
m_free(hd);
}
/* Update the message digest with the contents
* of INBUF with length INLEN.
*/
void
sha1_write( SHA1HANDLE hd, byte *inbuf, size_t inlen)
{
if( hd->bufcount == 64 ) { /* flush the buffer */
transform( hd, hd->buffer );
hd->bufcount = 0;
hd->nblocks++;
}
if( !inbuf )
return;
if( hd->bufcount ) {
for( ; inlen && hd->bufcount < 64; inlen-- )
hd->buffer[hd->bufcount++] = *inbuf++;
sha1_write( hd, NULL, 0 );
if( !inlen )
return;
}
while( inlen >= 64 ) {
transform( hd, inbuf );
hd->bufcount = 0;
hd->nblocks++;
inlen -= 64;
inbuf += 64;
}
for( ; inlen && hd->bufcount < 64; inlen-- )
hd->buffer[hd->bufcount++] = *inbuf++;
}
/* The routine final terminates the computation and
* returns the digest.
* The handle is prepared for a new cycle, but adding bytes to the
* handle will the destroy the returned buffer.
* Returns: 20 bytes representing the digest.
*/
byte *
sha1_final(SHA1HANDLE hd)
{
u32 t, msb, lsb;
byte *p;
sha1_write(hd, NULL, 0); /* flush */;
msb = 0;
t = hd->nblocks;
if( (lsb = t << 6) < t ) /* multiply by 64 to make a byte count */
msb++;
msb += t >> 26;
t = lsb;
if( (lsb = t + hd->bufcount) < t ) /* add the bufcount */
msb++;
t = lsb;
if( (lsb = t << 3) < t ) /* multiply by 8 to make a bit count */
msb++;
msb += t >> 29;
if( hd->bufcount < 56 ) { /* enough room */
hd->buffer[hd->bufcount++] = 0x80; /* pad */
while( hd->bufcount < 56 )
hd->buffer[hd->bufcount++] = 0; /* pad */
}
else { /* need one extra block */
hd->buffer[hd->bufcount++] = 0x80; /* pad character */
while( hd->bufcount < 64 )
hd->buffer[hd->bufcount++] = 0;
sha1_write(hd, NULL, 0); /* flush */;
memset(hd->buffer, 0, 56 ); /* fill next block with zeroes */
}
/* append the 64 bit count */
hd->buffer[56] = msb >> 24;
hd->buffer[57] = msb >> 16;
hd->buffer[58] = msb >> 8;
hd->buffer[59] = msb ;
hd->buffer[60] = lsb >> 24;
hd->buffer[61] = lsb >> 16;
hd->buffer[62] = lsb >> 8;
hd->buffer[63] = lsb ;
transform( hd, hd->buffer );
p = hd->buffer;
#ifdef HAVE_BIG_ENDIAN
#define X(a) do { *(u32*)p = hd->h##a ; p += 4; } while(0)
#else /* little endian */
#define X(a) do { *p++ = hd->h##a >> 24; *p++ = hd->h##a >> 16; \
*p++ = hd->h##a >> 8; *p++ = hd->h##a; } while(0)
#endif
X(0);
X(1);
X(2);
X(3);
X(4);
#undef X
initialize( hd ); /* prepare for next cycle */
return hd->buffer; /* now contains the digest */
}

50
cipher/sha1.h Normal file
View File

@ -0,0 +1,50 @@
/* sha1.h - SHA1 hash function
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#ifndef G10_SHA1_H
#define G10_SHA1_H
#include "types.h"
typedef struct {
u32 h0,h1,h2,h3,h4;
u32 nblocks;
byte buffer[64];
int bufcount;
} *SHA1HANDLE;
/****************
* Process a single character, this character will be buffered to
* increase performance.
*/
#define sha1_putchar(h,c) \
do { \
if( (h)->bufcount == 64 ) \
sha1_write( (h), NULL, 0 ); \
(h)->buffer[(h)->bufcount++] = (c) & 0xff; \
} while(0)
SHA1HANDLE sha1_open( int secure );
SHA1HANDLE sha1_copy( SHA1HANDLE a );
void sha1_close( SHA1HANDLE hd );
void sha1_write( SHA1HANDLE hd, byte *inbuf, size_t inlen );
byte * sha1_final( SHA1HANDLE hd );
#endif /*G10_SHA1_H*/

4
g10/Makefile.am
View File

@ -13,6 +13,8 @@ g10_SOURCES = g10.c \
free-packet.c \
getkey.c \
keydb.h \
ringedit.c \
kbnode.c \
keygen.c \
main.h \
mainproc.c \
@ -37,5 +39,5 @@ g10_SOURCES = g10.c \
LDADD = -L ../cipher -L ../mpi -L ../util -lcipher -lmpi -lutil
$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a
$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a

22
g10/Makefile.in
View File

@ -51,6 +51,8 @@ g10_SOURCES = g10.c \
free-packet.c \
getkey.c \
keydb.h \
ringedit.c \
kbnode.c \
keygen.c \
main.h \
mainproc.c \
@ -90,9 +92,10 @@ LIBS = @LIBS@
COMPILE = $(CC) -c $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS)
LINK = $(CC) $(LDFLAGS) -o $@
g10_OBJECTS = g10.o build-packet.o compress.o encode.o encr-data.o \
free-packet.o getkey.o keygen.o mainproc.o armor.o mdfilter.o cipher.o \
openfile.o keyid.o parse-packet.o passphrase.o plaintext.o pubkey-enc.o \
seckey-cert.o seskey.o sign.o comment.o sig-check.o
free-packet.o getkey.o ringedit.o kbnode.o keygen.o mainproc.o armor.o \
mdfilter.o cipher.o openfile.o keyid.o parse-packet.o passphrase.o \
plaintext.o pubkey-enc.o seckey-cert.o seskey.o sign.o comment.o \
sig-check.o
EXTRA_g10_SOURCES =
g10_LDADD = $(LDADD)
DIST_COMMON = Makefile.am Makefile.in
@ -111,11 +114,12 @@ DEP_FILES = $(srcdir)/.deps/armor.P $(srcdir)/.deps/build-packet.P \
$(srcdir)/.deps/cipher.P $(srcdir)/.deps/comment.P \
$(srcdir)/.deps/compress.P $(srcdir)/.deps/encode.P \
$(srcdir)/.deps/encr-data.P $(srcdir)/.deps/free-packet.P \
$(srcdir)/.deps/g10.P $(srcdir)/.deps/getkey.P $(srcdir)/.deps/keygen.P \
$(srcdir)/.deps/keyid.P $(srcdir)/.deps/mainproc.P \
$(srcdir)/.deps/mdfilter.P $(srcdir)/.deps/openfile.P \
$(srcdir)/.deps/parse-packet.P $(srcdir)/.deps/passphrase.P \
$(srcdir)/.deps/plaintext.P $(srcdir)/.deps/pubkey-enc.P \
$(srcdir)/.deps/g10.P $(srcdir)/.deps/getkey.P $(srcdir)/.deps/kbnode.P \
$(srcdir)/.deps/keygen.P $(srcdir)/.deps/keyid.P \
$(srcdir)/.deps/mainproc.P $(srcdir)/.deps/mdfilter.P \
$(srcdir)/.deps/openfile.P $(srcdir)/.deps/parse-packet.P \
$(srcdir)/.deps/passphrase.P $(srcdir)/.deps/plaintext.P \
$(srcdir)/.deps/pubkey-enc.P $(srcdir)/.deps/ringedit.P \
$(srcdir)/.deps/seckey-cert.P $(srcdir)/.deps/seskey.P \
$(srcdir)/.deps/sig-check.P $(srcdir)/.deps/sign.P
SOURCES = $(g10_SOURCES)
@ -285,7 +289,7 @@ mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a
$(PROGRAMS): ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
.SUFFIXES:
.SUFFIXES: .c .o

12
g10/compress.c
View File

@ -106,7 +106,13 @@ init_uncompress( compress_filter_context_t *zfx, z_stream *zs )
int level;
if( (rc = inflateInit( zs )) != Z_OK ) {
/****************
* PGP uses a windowsize of 13 bits. Using a negative value for
* it forces zlib not to expect a zlib header. This is a
* undocumented feature, Peter Gutmann told me about.
*/
if( (rc = zfx->pgpmode? inflateInit2( zs, -13)
: inflateInit( zs )) != Z_OK ) {
log_fatal("zlib problem: %s\n", zs->msg? zs->msg :
rc == Z_MEM_ERROR ? "out of core" :
rc == Z_VERSION_ERROR ? "invalid lib version" :
@ -265,7 +271,9 @@ handle_compressed( PKT_compressed *cd )
compress_filter_context_t cfx;
memset( &cfx, 0, sizeof cfx );
if( cd->algorithm != 2 )
if( cd->algorithm == 1 )
cfx.pgpmode = 1;
else if( cd->algorithm != 2 )
return G10ERR_COMPR_ALGO;
iobuf_push_filter( cd->buf, compress_filter, &cfx );

2
g10/encode.c
View File

@ -239,7 +239,7 @@ encode_crypt( const char *filename, STRLIST remusr )
pkey.y = pkc->d.elg.y;
if( DBG_CIPHER )
log_mpidump("Plain DEK frame: ", frame);
elg_encrypted( enc->d.elg.a, enc->d.elg.b, frame, &pkey);
elg_encrypt( enc->d.elg.a, enc->d.elg.b, frame, &pkey);
mpi_free( frame );
if( DBG_CIPHER ) {
log_mpidump("Encry DEK a: ", enc->d.elg.a );

1
g10/filter.h
View File

@ -48,6 +48,7 @@ typedef struct {
unsigned inbufsize;
byte *outbuf;
unsigned outbufsize;
int pgpmode;
} compress_filter_context_t;

178
g10/g10.c
View File

@ -19,6 +19,7 @@
*/
#include <config.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
@ -34,6 +35,8 @@
#include "cipher.h"
#include "filter.h"
static void print_hex( byte *p, size_t n );
static void print_mds( const char *fname );
static void do_test(int);
const char *
@ -126,29 +129,86 @@ main( int argc, char **argv )
{ 514, "test" , 0, "\rdevelopment usage" },
{ 515, "change-passphrase", 0, "change the passphrase of your secret keyring"},
{ 515, "fingerprint", 0, "show the fingerprints"},
{ 516, "print-mds" , 0, "print all message digests"},
{ 517, "secret-keyring" ,2, "add this secret keyring to the list" },
{ 518, "config" , 2, "use this config file" },
{0} };
ARGPARSE_ARGS pargs = { &argc, &argv, 0 };
ARGPARSE_ARGS pargs;
IOBUF a;
int rc;
enum { aNull, aSym, aStore, aEncr, aPrimegen, aKeygen, aSign, aSignEncr,
aTest,
aTest, aPrintMDs,
} action = aNull;
int orig_argc;
char **orig_argv;
const char *fname, *fname_print;
STRLIST sl, remusr= NULL, locusr=NULL;
int nrings=0;
int nrings=0, sec_nrings=0;
armor_filter_context_t afx;
const char *s;
int detached_sig = 0;
FILE *configfp = NULL;
char *configname = NULL;
unsigned configlineno;
int parse_verbose = 0;
int default_config =1;
int errors=0;
opt.compress = -1; /* defaults to default compression level */
/* check wether we have a config file on the commandline */
orig_argc = argc;
orig_argv = argv;
pargs.argc = &argc;
pargs.argv = &argv;
pargs.flags= 1; /* do not remove the args */
while( arg_parse( &pargs, opts) ) {
if( pargs.r_opt == 'v' )
parse_verbose++;
else if( pargs.r_opt == 518 ) {
/* yes there is one, so we do not try the default one, but
* read the option file when it is encountered at the commandline
*/
default_config = 0;
}
}
if( default_config )
configname = make_filename("~/.g10", "options", NULL );
argc = orig_argc;
argv = orig_argv;
pargs.argc = &argc;
pargs.argv = &argv;
pargs.flags= 1; /* do not remove the args */
next_pass:
if( configname ) {
configlineno = 0;
configfp = fopen( configname, "r" );
if( !configfp ) {
if( default_config ) {
if( parse_verbose )
log_info("note: no default option file '%s'\n", configname );
}
else
log_fatal("option file '%s': %s\n",
configname, strerror(errno) );
m_free(configname); configname = NULL;
}
if( parse_verbose )
log_info("reading options from '%s'\n", configname );
default_config = 0;
}
while( optfile_parse( configfp, configname, &configlineno,
&pargs, opts) ) {
switch( pargs.r_opt ) {
case 'v': opt.verbose++;
opt.list_sigs=1;
break;
case 'z':
opt.compress = pargs.r.ret_int;
break;
case 'z': opt.compress = pargs.r.ret_int; break;
case 'a': opt.armor = 1; break;
case 'c': action = aSym; break;
case 'o': opt.outfile = pargs.r.ret_str;
@ -184,9 +244,29 @@ main( int argc, char **argv )
case 513: action = aPrimegen; break;
case 514: action = aTest; break;
case 515: opt.fingerprint = 1; break;
default : pargs.err = 2; break;
case 516: action = aPrintMDs; break;
case 517: add_secret_keyring(pargs.r.ret_str); sec_nrings++; break;
case 518:
/* config files may not be nested (silently ignore them) */
if( !configfp ) {
m_free(configname);
configname = m_strdup(pargs.r.ret_str);
goto next_pass;
}
break;
default : errors++; pargs.err = configfp? 1:2; break;
}
}
if( configfp ) {
fclose( configfp );
configfp = NULL;
m_free(configname); configname = NULL;
goto next_pass;
}
m_free( configname ); configname = NULL;
if( errors )
exit(2);
set_debug();
if( opt.verbose > 1 )
set_packet_list_mode(1);
@ -197,6 +277,9 @@ main( int argc, char **argv )
fputs(s, stderr);
}
if( !sec_nrings ) { /* add default secret rings */
add_keyring("../keys/secring.g10");
}
if( !nrings ) { /* add default rings */
add_keyring("../keys/ring.pgp");
add_keyring("../keys/pubring.g10");
@ -251,6 +334,15 @@ main( int argc, char **argv )
putchar('\n');
break;
case aPrintMDs:
if( !argc )
print_mds(NULL);
else {
for(; argc; argc--, argv++ )
print_mds(*argv);
}
break;
case aKeygen: /* generate a key (interactive) */
if( argc )
usage(1);
@ -279,6 +371,78 @@ main( int argc, char **argv )
}
static void
print_hex( byte *p, size_t n )
{
int i;
if( n == 20 ) {
for(i=0; i < n ; i++, i++, p += 2 ) {
if( i == 10 )
putchar(' ');
printf(" %02X%02X", *p, p[1] );
}
}
else {
for(i=0; i < n ; i++, p++ ) {
if( i && !(i%8) )
putchar(' ');
printf(" %02X", *p );
}
}
}
static void
print_mds( const char *fname )
{
FILE *fp;
char buf[1024];
size_t n;
MD5HANDLE md5;
RMDHANDLE rmd160;
SHA1HANDLE sha1;
if( !fname ) {
fp = stdin;
fname = "[stdin]";
}
else
fp = fopen( fname, "rb" );
if( !fp ) {
log_error("%s: %s\n", fname, strerror(errno) );
return;
}
md5 = md5_open(0);
rmd160 = rmd160_open(0);
sha1 = sha1_open(0);
while( (n=fread( buf, 1, DIM(buf), fp )) ) {
md5_write( md5, buf, n );
rmd160_write( rmd160, buf, n );
sha1_write( sha1, buf, n );
}
if( ferror(fp) )
log_error("%s: %s\n", fname, strerror(errno) );
else {
byte *p;
md5_final(md5);
printf( "%s: MD5 =", fname ); print_hex(md5_read(md5), 16 );
printf("\n%s: RMD160 =", fname ); print_hex(rmd160_final(rmd160), 20 );
printf("\n%s: SHA1 =", fname ); print_hex(sha1_final(sha1), 20 );
putchar('\n');
}
md5_close(md5);
rmd160_close(rmd160);
sha1_close(sha1);
if( fp != stdin )
fclose(fp);
}
static void
do_test(int times)

36
g10/getkey.c
View File

@ -52,6 +52,7 @@ typedef struct pkc_cache_entry {
} *pkc_cache_entry_t;
static STRLIST keyrings;
static STRLIST secret_keyrings;
static keyid_list_t unknown_keyids;
static user_id_db_t user_id_db;
@ -69,6 +70,7 @@ void
add_keyring( const char *name )
{
STRLIST sl;
int rc;
/* FIXME: check wether this one is available etc */
/* my be we should do this later */
@ -76,6 +78,28 @@ add_keyring( const char *name )
strcpy(sl->d, name );
sl->next = keyrings;
keyrings = sl;
/* FIXME: We should remove much out of this mpdule and
* combine it with the keyblock stuff from ringedit.c
* For now we will simple add the filename as keyblock resource
*/
rc = add_keyblock_resource( name );
if( rc )
log_error("keyblock resource '%s': %s\n", name, rc );
}
void
add_secret_keyring( const char *name )
{
STRLIST sl;
int rc;
/* FIXME: check wether this one is available etc */
/* my be we should do this later */
sl = m_alloc( sizeof *sl + strlen(name) );
strcpy(sl->d, name );
sl->next = secret_keyrings;
secret_keyrings = sl;
}
@ -255,10 +279,12 @@ get_pubkey_by_name( PKT_public_cert *pkc, const char *name )
int
get_seckey( PKT_secret_cert *skc, u32 *keyid )
{
STRLIST sl;
int rc=0;
if( !(rc=scan_secret_keyring( skc, keyid, NULL, "../keys/secring.g10" ) ) )
goto found;
for(sl = secret_keyrings; sl; sl = sl->next )
if( !(rc=scan_secret_keyring( skc, keyid, NULL, sl->d )) )
goto found;
/* fixme: look at other places */
goto leave;
@ -280,10 +306,12 @@ get_seckey( PKT_secret_cert *skc, u32 *keyid )
int
get_seckey_by_name( PKT_secret_cert *skc, const char *name )
{
STRLIST sl;
int rc=0;
if( !(rc=scan_secret_keyring( skc, NULL, name, "../keys/secring.g10" ) ) )
goto found;
for(sl = secret_keyrings; sl; sl = sl->next )
if( !(rc=scan_secret_keyring( skc, NULL, name, sl->d ) ) )
goto found;
/* fixme: look at other places */
goto leave;

79
g10/kbnode.c Normal file
View File

@ -0,0 +1,79 @@
/* kbnode.c - keyblock node utility functions
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "memory.h"
#include "packet.h"
#include "keydb.h"
KBNODE
new_kbnode( PACKET *pkt )
{
KBNODE n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = pkt;
n->child = NULL;
return n;
}
void
release_kbnode( KBNODE n )
{
KBNODE n2;
while( n ) {
n2 = n->next;
release_kbnode( n->child );
free_packet( n->pkt );
m_free( n );
n = n2;
}
}
/****************
* Return the parent node of KBNODE from the tree with ROOT
*/
KBNODE
find_kbparent( KBNODE root, KBNODE node )
{
KBNODE n, n2;
for( ; root; root = root->child) {
for( n = root; n; n = n->next) {
for( n2 = n->child; n2; n2 = n2->next ) {
if( n2 == node )
return n;
}
}
}
log_bug(NULL);
}

46
g10/keydb.h
View File

@ -26,12 +26,43 @@
#include "cipher.h"
/****************
* A Keyblock are all packets which form an entire certificate;
* i.e. the public key, certificate, trust packets, user ids,
* signatures, and subkey.
*
* This structure is also used to bind arbitrary packets together.
*/
typedef struct kbnode_struct *KBNODE;
struct kbnode_struct {
PACKET *pkt;
KBNODE next; /* used to form a link list */
KBNODE child;
};
/****************
* A data structre to hold informations about the external position
* of a keyblock.
*/
struct keyblock_pos_struct {
int resno; /* resource number */
ulong offset; /* position information */
ulong length; /* length of thge keyblock */
int last_block;
};
typedef struct keyblock_pos_struct KBPOS;
/*-- passphrase.h --*/
DEK *get_passphrase_hash( u32 *keyid, char *text );
int make_dek_from_passphrase( DEK *dek, int mode );
/*-- getkey.c --*/
void add_keyring( const char *name );
void add_secret_keyring( const char *name );
void cache_public_cert( PKT_public_cert *pkc );
void cache_user_id( PKT_user_id *uid, u32 *keyid );
int get_pubkey( PKT_public_cert *pkc, u32 *keyid );
@ -53,6 +84,21 @@ const char *datestr_from_sig( PKT_signature *sig );
byte *fingerprint_from_skc( PKT_secret_cert *skc, size_t *ret_len );
byte *fingerprint_from_pkc( PKT_public_cert *pkc, size_t *ret_len );
/*-- kbnode.c --*/
KBNODE new_kbnode( PACKET *pkt );
void release_kbnode( KBNODE n );
KBNODE find_kbparent( KBNODE root, KBNODE node );
/*-- ringedit.c --*/
int add_keyblock_resource( const char *filename );
int get_keyblock_handle( const char *filename, KBPOS *kbpos );
int search_keyblock( PACKET *pkt, KBPOS *kbpos );
int lock_keyblock( KBPOS *kbpos );
int unlock_keyblock( KBPOS *kbpos );
int read_keyblock( KBPOS *kbpos, KBNODE *ret_root );
int insert_keyblock( KBPOS *kbpos, KBNODE root );
int delete_keyblock( KBPOS *kbpos );
int update_keyblock( KBPOS *kbpos, KBNODE root );
#endif /*G10_KEYDB_H*/

109
g10/mainproc.c
View File

@ -35,25 +35,6 @@
#include "main.h"
/****************
* We need to glue the packets together. This done by a
* tree of packets, which will released whenever a new start packet
* is encounterd. Start packets are: [FIXME]
*
* pubkey
* userid userid
* sig, sig, sig sig, sig
*
*/
typedef struct node_struct *NODE;
struct node_struct {
PACKET *pkt;
NODE next; /* used to form a link list */
NODE child;
};
/****************
* Structure to hold the context
*/
@ -66,17 +47,14 @@ typedef struct {
DEK *dek;
int last_was_pubkey_enc;
int opt_list;
NODE cert; /* the current certificate */
KBNODE cert; /* the current certificate */
int have_data;
} *CTX;
static void list_node( CTX c, NODE node );
static void proc_tree( CTX c, NODE node );
static void list_node( CTX c, KBNODE node );
static void proc_tree( CTX c, KBNODE node );
static int
pubkey_letter( int algo )
@ -92,60 +70,13 @@ pubkey_letter( int algo )
}
static NODE
new_node( PACKET *pkt )
{
NODE n = m_alloc( sizeof *n );
n->next = NULL;
n->pkt = pkt;
n->child = NULL;
return n;
}
static void
release_node( NODE n )
{
NODE n2;
while( n ) {
n2 = n->next;
release_node( n->child );
free_packet( n->pkt );
m_free( n );
n = n2;
}
}
/****************
* Return the parent node of NODE from the tree with ROOT
*/
static NODE
find_parent( NODE root, NODE node )
{
NODE n, n2;
for( ; root; root = root->child) {
for( n = root; n; n = n->next) {
for( n2 = n->child; n2; n2 = n2->next ) {
if( n2 == node )
return n;
}
}
}
log_bug(NULL);
}
static void
release_cert( CTX c )
{
if( !c->cert )
return;
proc_tree(c, c->cert );
release_node( c->cert );
release_kbnode( c->cert );
c->cert = NULL;
}
@ -153,7 +84,7 @@ release_cert( CTX c )
static int
add_onepass_sig( CTX c, PACKET *pkt )
{
NODE node;
KBNODE node;
if( c->cert ) { /* add another packet */
@ -161,12 +92,12 @@ add_onepass_sig( CTX c, PACKET *pkt )
log_error("add_onepass_sig: another packet is in the way\n");
release_cert( c );
}
node = new_node( pkt );
node = new_kbnode( pkt );
node->next = c->cert;
c->cert = node;
}
else /* insert the first one */
c->cert = node = new_node( pkt );
c->cert = node = new_kbnode( pkt );
return 1;
}
@ -176,7 +107,7 @@ static int
add_public_cert( CTX c, PACKET *pkt )
{
release_cert( c );
c->cert = new_node( pkt );
c->cert = new_kbnode( pkt );
return 1;
}
@ -184,7 +115,7 @@ static int
add_secret_cert( CTX c, PACKET *pkt )
{
release_cert( c );
c->cert = new_node( pkt );
c->cert = new_kbnode( pkt );
return 1;
}
@ -193,7 +124,7 @@ static int
add_user_id( CTX c, PACKET *pkt )
{
u32 keyid[2];
NODE node, n1, n2;
KBNODE node, n1, n2;
if( !c->cert ) {
log_error("orphaned user id\n" );
@ -209,7 +140,7 @@ add_user_id( CTX c, PACKET *pkt )
return 0;
}
/* add a new user id node at the end */
node = new_node( pkt );
node = new_kbnode( pkt );
if( !(n2=n1->child) )
n1->child = node;
else {
@ -225,7 +156,7 @@ static int
add_signature( CTX c, PACKET *pkt )
{
u32 keyid[2];
NODE node, n1, n2;
KBNODE node, n1, n2;
if( !c->cert ) {
/* orphaned signature (no certificate)
@ -239,7 +170,7 @@ add_signature( CTX c, PACKET *pkt )
* The childs direct under the root are the signatures
* (there is no need to keep the correct sequence of packets)
*/
node = new_node( pkt );
node = new_kbnode( pkt );
node->next = c->cert->child;
c->cert->child = node;
return 1;
@ -259,7 +190,7 @@ add_signature( CTX c, PACKET *pkt )
return 0;
}
/* and add a new signature node id at the end */
node = new_node( pkt );
node = new_kbnode( pkt );
if( !(n2=n1->child) )
n1->child = node;
else {
@ -380,7 +311,7 @@ proc_compressed( CTX c, PACKET *pkt )
* Returns: 0 = valid signature or an error code
*/
static int
do_check_sig( CTX c, NODE node )
do_check_sig( CTX c, KBNODE node )
{
PKT_signature *sig;
MD_HANDLE *md;
@ -403,7 +334,7 @@ do_check_sig( CTX c, NODE node )
}
else if( (sig->sig_class&~3) == 0x10 ) { /* classes 0x10 .. 0x13 */
if( c->cert->pkt->pkttype == PKT_PUBLIC_CERT ) {
NODE n1 = find_parent( c->cert, node );
KBNODE n1 = find_kbparent( c->cert, node );
if( n1 && n1->pkt->pkttype == PKT_USER_ID ) {
@ -483,9 +414,9 @@ print_fingerprint( PKT_public_cert *pkc, PKT_secret_cert *skc )
*/
static void
list_node( CTX c, NODE node )
list_node( CTX c, KBNODE node )
{
register NODE n2;
register KBNODE n2;
if( !node )
;
@ -645,9 +576,9 @@ print_keyid( FILE *fp, u32 *keyid )
* Preocess the tree which starts at node
*/
static void
proc_tree( CTX c, NODE node )
proc_tree( CTX c, KBNODE node )
{
NODE n1;
KBNODE n1;
int rc;
if( node->pkt->pkttype == PKT_PUBLIC_CERT )

57
g10/packet.h
View File

@ -53,12 +53,12 @@ typedef struct {
u32 keyid[2]; /* 64 bit keyid */
byte pubkey_algo; /* algorithm used for public key scheme */
union {
struct {
MPI rsa_integer; /* integer containing the DEK */
} rsa;
struct {
MPI a, b; /* integers with the encrypteded DEK */
} elg;
struct {
MPI rsa_integer; /* integer containing the DEK */
} rsa;
} d;
} PKT_pubkey_enc;
@ -82,13 +82,13 @@ typedef struct {
struct {
byte digest_algo; /* algorithm used for digest (DIGEST_ALGO_xxxx) */
byte digest_start[2]; /* first 2 byte of the digest */
MPI rsa_integer; /* the encrypted digest */
} rsa;
MPI a, b; /* integers with the digest */
} elg;
struct {
byte digest_algo; /* algorithm used for digest (DIGEST_ALGO_xxxx) */
byte digest_start[2]; /* first 2 byte of the digest */
MPI a, b; /* integers with the digest */
} elg;
MPI rsa_integer; /* the encrypted digest */
} rsa;
} d;
} PKT_signature;
@ -99,15 +99,15 @@ typedef struct {
byte pubkey_algo; /* algorithm used for public key scheme */
md_filter_context_t mfx;
union {
struct {
MPI rsa_n; /* public modulus */
MPI rsa_e; /* public exponent */
} rsa;
struct {
MPI p; /* prime */
MPI g; /* group generator */
MPI y; /* g^x mod p */
} elg;
struct {
MPI rsa_n; /* public modulus */
MPI rsa_e; /* public exponent */
} rsa;
} d;
} PKT_public_cert;
@ -116,6 +116,23 @@ typedef struct {
u16 valid_days; /* valid for this number of days */
byte pubkey_algo; /* algorithm used for public key scheme */
union {
struct {
MPI p; /* prime */
MPI g; /* group generator */
MPI y; /* g^x mod p */
MPI x; /* secret exponent */
u16 csum; /* checksum */
byte is_protected; /* The above infos are protected and must */
/* be decrypteded before use */
byte protect_algo; /* cipher used to protect the secret informations*/
union { /* information for the protection */
struct {
byte iv[8]; /* initialization vector for CFB mode */
/* when protected, the MPIs above are pointers
* to plain storage */
} blowfish;
} protect;
} elg;
struct {
MPI rsa_n; /* public modulus */
MPI rsa_e; /* public exponent */
@ -135,23 +152,6 @@ typedef struct {
} blowfish;
} protect;
} rsa;
struct {
MPI p; /* prime */
MPI g; /* group generator */
MPI y; /* g^x mod p */
MPI x; /* secret exponent */
u16 csum; /* checksum */
byte is_protected; /* The above infos are protected and must */
/* be decrypteded before use */
byte protect_algo; /* cipher used to protect the secret informations*/
union { /* information for the protection */
struct {
byte iv[8]; /* initialization vector for CFB mode */
/* when protected, the MPIs above are pointers
* to plain storage */
} blowfish;
} protect;
} elg;
} d;
} PKT_secret_cert;
@ -213,6 +213,7 @@ int proc_packets( IOBUF a );
/*-- parse-packet.c --*/
int set_packet_list_mode( int mode );
int search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos );
int parse_packet( IOBUF inp, PACKET *ret_pkt);
/*-- build-packet.c --*/

43
g10/parse-packet.c
View File

@ -36,6 +36,8 @@
static mpi_print_mode = 0;
static list_mode = 0;
static int parse( IOBUF inp, PACKET *pkt, int reqtype,
ulong *retpos, int *skip );
static void skip_packet( IOBUF inp, int pkttype, unsigned long pktlen );
static void skip_rest( IOBUF inp, unsigned long pktlen );
static int parse_publickey( IOBUF inp, int pkttype, unsigned long pktlen,
@ -108,13 +110,48 @@ set_packet_list_mode( int mode )
*/
int
parse_packet( IOBUF inp, PACKET *pkt )
{
int skip, rc;
do {
rc = parse( inp, pkt, 0, NULL, &skip );
} while( skip );
return rc;
}
/****************
* Like parse packet, but do only return packet of the given type.
*/
int
search_packet( IOBUF inp, PACKET *pkt, int pkttype, ulong *retpos )
{
int skip, rc;
do {
rc = parse( inp, pkt, pkttype, retpos, &skip );
} while( skip );
return rc;
}
/****************
* Parse packet. Set the variable skip points to to 1 if the packet
* should be skipped; this is the case if either there is a
* requested packet type and the parsed packet doesn't match or the
* packet-type is 0, indicating deleted stuff.
*/
static int
parse( IOBUF inp, PACKET *pkt, int reqtype, ulong *retpos, int *skip )
{
int rc, ctb, pkttype, lenbytes;
unsigned long pktlen;
byte hdr[5];
int hdrlen;
*skip = 0;
assert( !pkt->pkt.generic );
if( retpos )
*retpos = iobuf_tell(inp);
if( (ctb = iobuf_get(inp)) == -1 )
return -1;
hdrlen=0;
@ -139,6 +176,12 @@ parse_packet( IOBUF inp, PACKET *pkt )
}
}
if( !pkttype || (reqtype && pkttype != reqtype) ) {
skip_packet(inp, pkttype, pktlen);
*skip = 1;
return 0;
}
if( DBG_PACKET )
log_debug("parse_packet(iob=%d): type=%d length=%lu\n",
iobuf_id(inp), pkttype, pktlen );

2
g10/pubkey-enc.c
View File

@ -58,7 +58,7 @@ get_session_key( PKT_pubkey_enc *k, DEK *dek )
skey.g = skc->d.elg.g;
skey.y = skc->d.elg.y;
skey.x = skc->d.elg.x;
elg_decrypted( dek_frame, k->d.elg.a, k->d.elg.b, &skey );
elg_decrypt( dek_frame, k->d.elg.a, k->d.elg.b, &skey );
memset( &skey, 0, sizeof skey );
}
#ifdef HAVE_RSA_CIPHER

469
g10/ringedit.c Normal file
View File

@ -0,0 +1,469 @@
/* ringedit.c - Function for key ring editing
* Copyright (c) 1997 by Werner Koch (dd9jn)
*
* This file is part of G10.
*
* G10 is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* G10 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
*/
/****************
* This module supplies function for:
*
* - Search for a key block (pubkey and all other stuff) and return a
* handle for it.
*
* - Lock/Unlock a key block
*
* - Read a key block into a tree
*
* - Update a key block
*
* - Insert a new key block
*
* - Delete a key block
*
* FIXME: Add backup stuff
* FIXME: Keep track of all nodes, so that a change is propagated
* to all nodes. (or use shallow copies and ref-counting?)
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <assert.h>
#include "util.h"
#include "packet.h"
#include "memory.h"
#include "mpi.h"
#include "iobuf.h"
#include "keydb.h"
struct resource_table_struct {
int used;
char *fname;
IOBUF iobuf;
};
#define MAX_RESOURCES 10
static struct resource_table_struct resource_table[MAX_RESOURCES];
static int keyring_search( PACKET *pkt, KBPOS *kbpos, IOBUF iobuf );
static int keyring_read( KBPOS *kbpos, KBNODE *ret_root );
static int keyring_insert( KBPOS *kbpos, KBNODE root );
static int keyring_delete( KBPOS *kbpos );
static int
check_pos( KBPOS *kbpos )
{
if( kbpos->resno < 0 || kbpos->resno >= MAX_RESOURCES )
return G10ERR_GENERAL;
if( !resource_table[kbpos->resno].used )
return G10ERR_GENERAL;
return 0;
}
/****************************************************************
****************** public functions ****************************
****************************************************************/
/****************
* Register a resource (which currently may ionly be a keyring file).
*/
int
add_keyblock_resource( const char *filename )
{
IOBUF iobuf;
int i;
for(i=0; i < MAX_RESOURCES; i++ )
if( !resource_table[i].used )
break;
if( i == MAX_RESOURCES )
return G10ERR_RESOURCE_LIMIT;
iobuf = iobuf_open( filename );
if( !iobuf )
return G10ERR_OPEN_FILE;
resource_table[i].used = 1;
resource_table[i].fname = m_strdup(filename);
resource_table[i].iobuf = iobuf;
return 0;
}
/****************
* Get a keyblock handle KBPOS from a filename. This can be used
* to get a handle for insert_keyblock for a new keyblock.
*/
int
get_keyblock_handle( const char *filename, KBPOS *kbpos )
{
int i;
for(i=0; i < MAX_RESOURCES; i++ )
if( resource_table[i].used ) {
/* fixme: dos needs case insensitive file compare */
if( !strcmp( resource_table[i].fname, filename ) ) {
memset( kbpos, 0, sizeof *kbpos );
kbpos->resno = i;
return 0;
}
}
return -1; /* not found */
}
/****************
* Search a keyblock which starts with the given packet and put all
* informations into KBPOS, which can be used later to access this key block.
* This function looks into all registered keyblock sources.
* PACKET must be a packet with either a secret_cert or a public_cert
*
* This function is intended to check wether a given certificate
* is already in a keyring or to prepare it for editing.
*
* Returns: 0 if found, -1 if not found or an errorcode.
*/
int
search_keyblock( PACKET *pkt, KBPOS *kbpos )
{
int i, rc, last_rc=-1;
for(i=0; i < MAX_RESOURCES; i++ ) {
if( resource_table[i].used ) {
/* note: here we have to add different search functions,
* depending on the type of the resource */
rc = keyring_search( pkt, kbpos, resource_table[i].iobuf );
if( !rc ) {
kbpos->resno = i;
return 0;
}
if( rc != -1 ) {
log_error("error searching resource %d: %s\n",
i, g10_errstr(rc));
last_rc = rc;
}
}
}
return last_rc;
}
/****************
* Lock the keyblock; wait until it's available
* This function may change the internal data in kbpos, in cases
* when the to be locked keyblock has been modified.
* fixme: remove this function and add an option to search_keyblock()?
*/
int
lock_keyblock( KBPOS *kbpos )
{
int rc;
if( (rc=check_pos(kbpos)) )
return rc;
return 0;
}
/****************
* Release a lock on a keyblock
*/
int
unlock_keyblock( KBPOS *kbpos )
{
int rc;
if( (rc=check_pos(kbpos)) )
return rc;
return 0;
}
/****************
* Read a complete keyblock and return the root in ret_root.
*/
int
read_keyblock( KBPOS *kbpos, KBNODE *ret_root )
{
int rc;
if( (rc=check_pos(kbpos)) )
return rc;
return keyring_read( kbpos, ret_root );
}
/****************
* Insert the keyblock described by ROOT into the keyring described
* by KBPOS. This actually appends the data to the keyfile.
*/
int
insert_keyblock( KBPOS *kbpos, KBNODE root )
{
int rc;
if( (rc=check_pos(kbpos)) )
return rc;
rc = keyring_insert( kbpos, root );
return rc;
}
/****************
* Delete the keyblock described by KBPOS.
* The current code simply changes the keyblock in the keyring
* to packet of type 0 with the correct length. To help detecting errors,
* zero bytes are written.
*/
int
delete_keyblock( KBPOS *kbpos )
{
int rc;
if( (rc=check_pos(kbpos)) )
return rc;
rc = keyring_delete( kbpos );
return rc;
}
/****************
* Update the keyblock at KBPOS with the one in ROOT.
*/
int
update_keyblock( KBPOS *kbpos, KBNODE root )
{
int rc;
KBPOS kbpos2;
/* we do it the simple way: */
memset( &kbpos2, 0, sizeof kbpos2 );
kbpos2.resno = kbpos->resno;
rc = insert_keyblock( &kbpos2, root );
if( !rc )
rc = delete_keyblock( kbpos );
return rc;
}
/****************************************************************
********** Functions which operates on regular keyrings ********
****************************************************************/
/****************
* search one keyring, return 0 if found, -1 if not found or an errorcode.
*/
static int
keyring_search( PACKET *req, KBPOS *kbpos, IOBUF iobuf )
{
int rc;
PACKET pkt;
int save_mode;
ulong offset;
int pkttype = req->pkttype;
PKT_public_cert *req_pkc = req->pkt.public_cert;
PKT_secret_cert *req_skc = req->pkt.secret_cert;
init_packet(&pkt);
save_mode = set_packet_list_mode(0);
if( iobuf_seek( iobuf, 0 ) ) {
log_error("can't rewind keyring file: %s\n", g10_errstr(rc));
rc = G10ERR_KEYRING_OPEN;
goto leave;
}
while( !(rc=search_packet(iobuf, &pkt, pkttype, &offset)) ) {
if( pkt.pkttype == PKT_SECRET_CERT ) {
PKT_secret_cert *skc = pkt.pkt.secret_cert;
if( req_skc->timestamp == skc->timestamp
&& req_skc->valid_days == skc->valid_days
&& req_skc->pubkey_algo == skc->pubkey_algo
&& ( ( skc->pubkey_algo == PUBKEY_ALGO_ELGAMAL
&& !mpi_cmp( req_skc->d.elg.p, skc->d.elg.p )
&& !mpi_cmp( req_skc->d.elg.g, skc->d.elg.g )
&& !mpi_cmp( req_skc->d.elg.y, skc->d.elg.y )
&& !mpi_cmp( req_skc->d.elg.x, skc->d.elg.x )
)
|| ( skc->pubkey_algo == PUBKEY_ALGO_RSA
&& !mpi_cmp( req_skc->d.rsa.rsa_n, skc->d.rsa.rsa_n )
&& !mpi_cmp( req_skc->d.rsa.rsa_e, skc->d.rsa.rsa_e )
&& !mpi_cmp( req_skc->d.rsa.rsa_d, skc->d.rsa.rsa_d )
)
)
)
break; /* found */
}
else if( pkt.pkttype == PKT_PUBLIC_CERT ) {
PKT_public_cert *pkc = pkt.pkt.public_cert;
if( req_pkc->timestamp == pkc->timestamp
&& req_pkc->valid_days == pkc->valid_days
&& req_pkc->pubkey_algo == pkc->pubkey_algo
&& ( ( pkc->pubkey_algo == PUBKEY_ALGO_ELGAMAL
&& !mpi_cmp( req_pkc->d.elg.p, pkc->d.elg.p )
&& !mpi_cmp( req_pkc->d.elg.g, pkc->d.elg.g )
&& !mpi_cmp( req_pkc->d.elg.y, pkc->d.elg.y )
)
|| ( pkc->pubkey_algo == PUBKEY_ALGO_RSA
&& !mpi_cmp( req_pkc->d.rsa.rsa_n, pkc->d.rsa.rsa_n )
&& !mpi_cmp( req_pkc->d.rsa.rsa_e, pkc->d.rsa.rsa_e )
)
)
)
break; /* found */
}
else
log_bug(NULL);
free_packet(&pkt);
}
if( !rc )
kbpos->offset = offset;
leave:
free_packet(&pkt);
set_packet_list_mode(save_mode);
return rc;
}
static int
keyring_read( KBPOS *kbpos, KBNODE *ret_root )
{
PACKET *pkt;
int rc;
KBNODE root = NULL;
KBNODE node, n1, n2;
IOBUF a;
if( (rc=check_pos(kbpos)) )
return rc;
a = resource_table[kbpos->resno].iobuf;
pkt = m_alloc( sizeof *pkt );
init_packet(pkt);
while( (rc=parse_packet(a, pkt)) != -1 ) {
if( rc ) { /* ignore errors */
free_packet( pkt );
continue;
}
switch( pkt->pkttype ) {
case PKT_PUBLIC_CERT:
case PKT_SECRET_CERT:
if( root )
break;
root = new_kbnode( pkt );
pkt = m_alloc( sizeof *pkt );
init_packet(pkt);
break;
case PKT_USER_ID:
if( !root ) {
log_error("read_keyblock: orphaned user id\n" );
rc = G10ERR_INV_KEYRING; /* or wron kbpos */
break;
}
/* append the user id */
node = new_kbnode( pkt );
if( !(n1=root->child) )
root->child = node;
else {
for( ; n1->next; n1 = n1->next)
;
n1->next = node;
}
pkt = m_alloc( sizeof *pkt );
init_packet(pkt);
break;
case PKT_SIGNATURE:
if( !root ) {
log_error("read_keyblock: no root for signature\n" );
rc = G10ERR_INV_KEYRING; /* or wrong kbpos */
break;
}
if( !root->child ) {
log_error("read_keyblock: no userid for signature\n" );
rc = G10ERR_INV_KEYRING;
break;
}
/* goto the last user id */
for(n1=root->child; n1->next; n1 = n1->next )
;
/* append the signature node */
node = new_kbnode( pkt );
if( !(n2=n1->child) )
n1->child = node;
else {
for( ; n2->next; n2 = n2->next)
;
n2->next = node;
}
pkt = m_alloc( sizeof *pkt );
init_packet(pkt);
break;
default: /* ignore all other packets. FIXME: we should not do this */
free_packet( pkt );
break;
}
}
kbpos->last_block = rc == -1; /* flag, that this is the last block */
if( rc == -1 && root )
rc = 0;
if( rc )
release_kbnode( root );
else {
*ret_root = root;
kbpos->length = iobuf_tell( a ) - kbpos->offset;
}
free_packet( pkt );
m_free( pkt );
return rc;
}
static int
keyring_insert( KBPOS *kbpos, KBNODE root )
{
return -1;
}
static int
keyring_delete( KBPOS *kbpos )
{
return -1;
}
/****************************************************************
********** Functions which operates on databases ***************
****************************************************************/

2
include/cipher.h
View File

@ -30,6 +30,7 @@
#include "mpi.h"
#include "../cipher/md5.h"
#include "../cipher/rmd.h"
#include "../cipher/sha1.h"
#ifdef HAVE_RSA_CIPHER
#include "../cipher/rsa.h"
#endif
@ -71,6 +72,7 @@ typedef struct {
union {
MD5HANDLE md5;
RMDHANDLE rmd;
SHA1HANDLE sha1;
} u;
int datalen;
char data[1];

2
include/errors.h
View File

@ -50,5 +50,7 @@
#define G10ERR_NI_CIPHER 28
#define G10ERR_SIG_CLASS 29
#define G10ERR_BAD_MPI 30
#define G10ERR_RESOURCE_LIMIT 31
#define G10ERR_INV_KEYRING 32
#endif /*G10_ERRORS_H*/

18
include/iobuf.h
View File

@ -39,18 +39,14 @@ typedef struct iobuf_struct *IOBUF;
struct iobuf_struct {
int usage; /* 1 input , 2 output, 3 temp */
unsigned long nlimit;
unsigned long nbytes;
unsigned long nbytes; /* used together with nlimit */
unsigned long ntotal; /* total bytes read (position of stream) */
struct {
size_t size; /* allocated size */
size_t start; /* number of invalid bytes at the begin of the buffer */
size_t len; /* currently filled to this size */
byte *buf;
} d;
struct {
size_t size;
size_t len;
char *buf;
} recorder;
int filter_eof;
int (*filter)( void *opaque, int control,
IOBUF chain, byte *buf, size_t *len);
@ -80,6 +76,9 @@ void iobuf_clear_eof(IOBUF a);
void iobuf_set_limit( IOBUF a, unsigned long nlimit );
ulong iobuf_tell( IOBUF a );
int iobuf_seek( IOBUF a, ulong newpos );
int iobuf_readbyte(IOBUF a);
int iobuf_writebyte(IOBUF a, unsigned c);
int iobuf_write(IOBUF a, byte *buf, unsigned buflen );
@ -88,10 +87,6 @@ int iobuf_writestr(IOBUF a, const char *buf );
int iobuf_write_temp( IOBUF a, IOBUF temp );
size_t iobuf_temp_to_buffer( IOBUF a, byte *buffer, size_t buflen );
void iobuf_start_recorder( IOBUF a );
void iobuf_push_recorder( IOBUF a, int c );
char *iobuf_stop_recorder( IOBUF a, size_t *n );
u32 iobuf_get_filelength( IOBUF a );
const char *iobuf_get_fname( IOBUF a );
@ -104,8 +99,7 @@ int iobuf_in_block_mode( IOBUF a );
* returned value to be in the range 0 ..255.
*/
#define iobuf_get(a) \
( ((a)->recorder.buf || (a)->nlimit \
|| (a)->d.start >= (a)->d.len )? \
( ((a)->nlimit || (a)->d.start >= (a)->d.len )? \
iobuf_readbyte((a)) : ( (a)->nbytes++, (a)->d.buf[(a)->d.start++] ) )
#define iobuf_get_noeof(a) (iobuf_get((a))&0xff)

6
include/memory.h
View File

@ -34,6 +34,7 @@
#define m_free(n) m_debug_free((n), M_DBGINFO(__LINE__) )
#define m_check(n) m_debug_check((n), M_DBGINFO(__LINE__) )
#define m_copy(a) m_debug_copy((a), M_DBGINFO(__LINE__) )
#define m_strdup(a) m_debug_strdup((a), M_DBGINFO(__LINE__) )
void *m_debug_alloc( size_t n, const char *info );
void *m_debug_alloc_clear( size_t n, const char *info );
@ -43,6 +44,7 @@ void *m_debug_realloc( void *a, size_t n, const char *info );
void m_debug_free( void *p, const char *info );
void m_debug_check( const void *a, const char *info );
void *m_debug_copy( const void *a, const char *info );
char *m_debug_strdup( const char *a, const char *info );
#else
void *m_alloc( size_t n );
@ -52,10 +54,10 @@ void *m_alloc_secure_clear( size_t n );
void *m_realloc( void *a, size_t n );
void m_free( void *p );
void m_check( const void *a );
void *m_copy( void *a );
void *m_copy( const void *a );
char *m_strdup( const char * a);
#endif
size_t m_size( const void *a );
int m_is_secure( const void *p );

1
include/util.h
View File

@ -79,6 +79,7 @@ const char *strusage( int level );
/*-- fileutil.c --*/
char *make_filename( const char *first_part, ... );
/*-- miscutil.c --*/
u32 make_timestamp(void);

233
util/argparse.c
View File

@ -23,6 +23,7 @@
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#include <string.h>
#include "util.h"
@ -124,10 +125,202 @@
*/
static void set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s);
static int set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s);
static void show_help(ARGPARSE_OPTS *opts, unsigned flags);
static void show_version(void);
static void
initialize( ARGPARSE_ARGS *arg, const char *filename, unsigned *lineno )
{
if( !(arg->flags & (1<<15)) ) { /* initialize this instance */
arg->internal.index = 0;
arg->internal.last = NULL;
arg->internal.inarg = 0;
arg->internal.stopped= 0;
arg->err = 0;
arg->flags |= 1<<15; /* mark initialized */
if( *arg->argc < 0 )
log_bug("Invalid argument for ArgParse\n");
}
if( arg->err ) { /* last option was erroneous */
const char *s;
if( filename ) {
if( arg->r_opt == -6 )
s = "%s:%u: argument not expected\n";
else if( arg->r_opt == -5 )
s = "%s:%u: read error\n";
else if( arg->r_opt == -4 )
s = "%s:%u: keyword too long\n";
else if( arg->r_opt == -3 )
s = "%s:%u: missing argument\n";
else
s = "%s:%u: invalid option\n";
log_error(s, filename, *lineno );
}
else {
if( arg->r_opt == -3 )
s = "Missing argument for option \"%.50s\"\n";
else
s = "Invalid option \"%.50s\"\n";
log_error(s, arg->internal.last? arg->internal.last:"[??]" );
}
if( arg->err != 1 )
exit(2);
arg->err = 0;
}
}
/****************
* Get options from a file.
* Lines starting with '#' are comment lines.
* Syntax is simply a keyword and the argument.
* Valid keywords are all keywords from the long_opt list without
* the leading dashes. The special keywords help, warranty and version
* are not valid here.
* Caller must free returned strings.
* If called with FP set to NULL command line args are parse instead.
*/
int
optfile_parse( FILE *fp, const char *filename, unsigned *lineno,
ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
{
char *s, *s2;
int state, i, c;
int index=0;
char keyword[100];
char *buffer = NULL;
size_t buflen = 0;
if( !fp ) /* same as arg_parse() in this case */
return arg_parse( arg, opts );
initialize( arg, filename, lineno );
/* find the next keyword */
state = i = 0;
for(;;) {
c=getc(fp);
if( c == '\n' || c== EOF ) {
if( c != EOF )
++*lineno;
if( state == -1 )
break;
else if( state == 2 ) {
keyword[i] = 0;
for(i=0; opts[i].short_opt; i++ )
if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) )
break;
index = i;
arg->r_opt = opts[index].short_opt;
if( !opts[index].short_opt )
arg->r_opt = -2; /* unknown option */
else if( (opts[index].flags & 8) ) /* no optional argument */
arg->r_type = 0; /* okay */
else /* no required argument */
arg->r_opt = -3; /* error */
break;
}
else if( state == 3 ) { /* no argument found */
if( !(opts[index].flags & 7) ) /* does not take an argument */
arg->r_type = 0; /* okay */
else if( (opts[index].flags & 8) ) /* no optional argument */
arg->r_type = 0; /* okay */
else /* no required argument */
arg->r_opt = -3; /* error */
break;
}
else if( state == 4 ) { /* have an argument */
if( !(opts[index].flags & 7) ) /* does not take an argument */
arg->r_opt = -6; /* error */
else {
if( !buffer ) {
keyword[i] = 0;
buffer = m_strdup(keyword);
}
else
buffer[i] = 0;
if( !set_opt_arg(arg, opts[index].flags, buffer) )
m_free(buffer);
}
break;
}
else if( c == EOF ) {
if( ferror(fp) )
arg->r_opt = -5; /* read error */
else
arg->r_opt = 0; /* eof */
break;
}
state = 0;
i = 0;
}
else if( state == -1 )
; /* skip */
else if( !state && isspace(c) )
; /* skip leading white space */
else if( !state && c == '#' )
state = 1; /* start of a comment */
else if( state == 1 )
; /* skip comments */
else if( state == 2 && isspace(c) ) {
keyword[i] = 0;
for(i=0; opts[i].short_opt; i++ )
if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) )
break;
index = i;
arg->r_opt = opts[index].short_opt;
if( !opts[index].short_opt ) {
arg->r_opt = -2; /* unknown option */
state = -1; /* skip rest of line and leave */
}
else
state = 3;
}
else if( state == 3 ) { /* skip leading spaces of the argument */
if( !isspace(c) ) {
i = 0;
keyword[i] = c;
state = 4;
}
}
else if( state == 4 ) { /* collect the argument */
if( buffer ) {
if( i < buflen-1 )
buffer[i++] = c;
else {
buflen += 50;
buffer = m_realloc(buffer, buflen);
buffer[i++] = c;
}
}
else if( i < DIM(keyword)-1 )
keyword[i++] = c;
else {
buflen = DIM(keyword)+50;
buffer = m_alloc(buflen);
memcpy(buffer, keyword, i);
buffer[i++] = c;
}
}
else if( i >= DIM(keyword)-1 ) {
arg->r_opt = -4; /* keyword to long */
state = -1; /* skip rest of line and leave */
}
else {
keyword[i++] = c;
state = 2;
}
}
return arg->r_opt;
}
int
arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
@ -138,31 +331,11 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
char *s, *s2;
int i;
if( !(arg->flags & (1<<15)) ) { /* initialize this instance */
arg->internal.index = 0;
arg->internal.last = NULL;
arg->internal.inarg = 0;
arg->internal.stopped= 0;
arg->err = 0;
arg->flags |= 1<<15; /* mark initialized */
if( *arg->argc < 0 )
log_bug("Invalid argument for ArgParse\n");
}
initialize( arg, NULL, NULL );
argc = *arg->argc;
argv = *arg->argv;
index = arg->internal.index;
if( arg->err ) { /* last option was erroneous */
if( arg->r_opt == -3 )
s = "Missing argument for option \"%.50s\"\n";
else
s = "Invalid option \"%.50s\"\n";
log_error(s, arg->internal.last? arg->internal.last:"[??]" );
if( arg->err != 1 )
exit(2);
arg->err = 0;
}
if( !index && argc && !(arg->flags & (1<<4)) ) { /* skip the first entry */
argc--; argv++; index++;
}
@ -322,7 +495,7 @@ arg_parse( ARGPARSE_ARGS *arg, ARGPARSE_OPTS *opts)
static void
static int
set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s)
{
int base = (flags & 16)? 0 : 10;
@ -330,17 +503,17 @@ set_opt_arg(ARGPARSE_ARGS *arg, unsigned flags, char *s)
switch( arg->r_type = (flags & 7) ) {
case 1: /* takes int argument */
arg->r.ret_int = (int)strtol(s,NULL,base);
break;
default:
case 2: /* takes string argument */
arg->r.ret_str = s;
break;
return 0;
case 3: /* takes long argument */
arg->r.ret_long= strtol(s,NULL,base);
break;
return 0;
case 4: /* takes ulong argument */
arg->r.ret_ulong= strtoul(s,NULL,base);
break;
return 0;
case 2: /* takes string argument */
default:
arg->r.ret_str = s;
return 1;
}
}

35
util/fileutil.c
View File

@ -21,6 +21,7 @@
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <assert.h>
#include <unistd.h>
@ -29,3 +30,37 @@
#include "ttyio.h"
/****************
* Construct a filename form the NULL terminated list of parts.
* Tilde expansion is done here.
*/
char *
make_filename( const char *first_part, ... )
{
va_list arg_ptr ;
size_t n;
const char *s;
char *name, *home, *p;
va_start( arg_ptr, first_part ) ;
n = strlen(first_part)+1;
while( (s=va_arg(arg_ptr, const char *)) )
n += strlen(s) + 1;
va_end(arg_ptr);
home = NULL;
if( *first_part == '~' && first_part[1] == '/'
&& (home = getenv("HOME")) && *home )
n += strlen(home);
name = m_alloc(n);
p = home ? stpcpy(stpcpy(name,home), first_part+1)
: stpcpy(name, first_part);
va_start( arg_ptr, first_part ) ;
while( (s=va_arg(arg_ptr, const char *)) )
p = stpcpy(stpcpy(p,"/"), s);
va_end(arg_ptr);
return name;
}

71
util/iobuf.c
View File

@ -271,7 +271,6 @@ iobuf_close( IOBUF a )
if( a->filter && (rc = a->filter(a->filter_ov, IOBUFCTRL_FREE,
a->chain, NULL, &dummy_len)) )
log_error("IOBUFCTRL_FREE failed on close: %s\n", g10_errstr(rc) );
m_free(a->recorder.buf);
m_free(a->d.buf);
m_free(a);
}
@ -406,9 +405,8 @@ iobuf_push_filter( IOBUF a,
a->d.start = 0;
}
/* disable nlimit for the new stream */
a->ntotal = b->ntotal + b->nbytes;
a->nlimit = a->nbytes = 0;
/* disable recorder for the original stream */
b->recorder.buf = NULL;
/* make a link from the new stream to the original stream */
a->chain = b;
a->opaque = b->opaque;
@ -601,14 +599,6 @@ iobuf_readbyte(IOBUF a)
return -1; /* EOF */
a->nbytes++;
if( a->recorder.buf ) {
if( a->recorder.len >= a->recorder.size ) {
a->recorder.size += 500;
a->recorder.buf = m_realloc( a->recorder.buf, a->recorder.size );
}
((byte*)a->recorder.buf)[a->recorder.len++] = c;
}
return c;
}
@ -678,47 +668,12 @@ void
iobuf_set_limit( IOBUF a, unsigned long nlimit )
{
a->nlimit = nlimit;
a->ntotal += a->nbytes;
a->nbytes = 0;
}
void
iobuf_start_recorder( IOBUF a )
{
m_free(a->recorder.buf);
a->recorder.size = 500;
a->recorder.buf = m_alloc(a->recorder.size);
a->recorder.len = 0;
}
void
iobuf_push_recorder( IOBUF a, int c )
{
if( a->recorder.buf ) {
if( a->recorder.len >= a->recorder.size ) {
a->recorder.size += 500;
a->recorder.buf = m_realloc( a->recorder.buf, a->recorder.size );
}
((byte*)a->recorder.buf)[a->recorder.len++] = c;
}
}
char *
iobuf_stop_recorder( IOBUF a, size_t *n )
{
char *p;
if( !a->recorder.buf )
log_bug("iobuf_recorder not started\n");
p = a->recorder.buf;
if( n )
*n = a->recorder.len;
a->recorder.buf = NULL;
return p;
}
/****************
* Return the length of an open file
*/
@ -741,6 +696,28 @@ iobuf_get_filelength( IOBUF a )
return 0;
}
/****************
* Tell the file position, where the next read will take place
*/
ulong
iobuf_tell( IOBUF a )
{
return a->ntotal + a->nbytes;
}
int
iobuf_seek( IOBUF a, ulong newpos )
{
return -1;
}
/****************
* Retrieve the filename
*/

16
util/memory.c
View File

@ -54,6 +54,7 @@ const void membug( const char *fmt, ... );
#undef m_realloc
#undef m_free
#undef m_check
#undef m_strdup
#define FNAME(a) m_debug_ ##a
#define FNAMEPRT , const char *info
#define FNAMEARG , info
@ -370,7 +371,7 @@ FNAME(alloc_secure_clear)( size_t n FNAMEPRT)
/****************
* realloc and clear the new space
* realloc and clear the old space
*/
void *
FNAME(realloc)( void *a, size_t n FNAMEPRT )
@ -461,13 +462,13 @@ m_is_secure( const void *p )
* Make a copy of the memory block at a
*/
void *
FNAME(copy)( void *a FNAMEPRT )
FNAME(copy)( const void *a FNAMEPRT )
{
void *b;
size_t n;
if( !a )
return a;
return NULL;
n = m_size(a);
if( m_is_secure(a) )
@ -479,3 +480,12 @@ FNAME(copy)( void *a FNAMEPRT )
}
char *
FNAME(strdup)( const char *a FNAMEPRT )
{
size_t n = strlen(a);
char *p = FNAME(alloc)(n+1 FNAMEARG);
strcpy(p, a);
return p;
}